firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 15:51:50 GMT
Expires: Thu, 20 Oct 2022 16:15:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xpib1xD4UekSGzWBK1WJ-QBN98rDE0ymHMAAdLNH3l_edt-NtBGrAg==
Age: 1841
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b6481bf5f33b42cdd966d49d8b70107
03ed01a9dc82a7efaf3706691249d811f64719a4
1e42a2cd7e7ef655d17dea6423dff85d3f57111d9bd08d2f829535aa462eb11c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E42A2CD7E7EF655D17DEA6423DFF85D3F57111D9BD08D2F829535AA462EB11C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3302
Expires: Thu, 20 Oct 2022 17:17:34 GMT
Date: Thu, 20 Oct 2022 16:22:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e41c85816a32bf30e54a8993fcd0406f
35013fb83966783145f1439eb7e949beefae4cf8
22dfbec34834914ffd13a3bee717dbf695450c05a44949bb691e39d254e39665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DFBEC34834914FFD13A3BEE717DBF695450C05A44949BB691E39D254E39665"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9154
Expires: Thu, 20 Oct 2022 18:55:06 GMT
Date: Thu, 20 Oct 2022 16:22:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Jz0uS4i1DoZ0lLOs4KUsKqDafqmKqbaRsMOCLqRUHf8TR5Jk3oWRehYVPONHejKTIt+7u5IGAsM=
x-amz-request-id: F9HN701HX6T6DEFA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 15:36:48 GMT
age: 2744
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 16:22:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 2.2 kB IP 172.64.155.188:0
Hash 04cf822b4a756ba1153fd49d0ee52a53
be5f1ee57db4096001411aa54aae5017c3271769
cb78994ff7a1a9f292d1d4e5076e4dc97d4d16238a3000c8a885631a5238d7c0
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:32 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 10:12:16 GMT
Expires: Wed, 26 Oct 2022 10:12:15 GMT
Etag: "be5f1ee57db4096001411aa54aae5017c3271769"
Cache-Control: max-age=604074,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d317c47bd30b45-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f978203e0de6f41a85d143d2f7c4af11
e614faba753a62f6dc728f1cb8ed94498c675e29
857218e93d7c6cee04d7542335f2a64d8017a971f13b582fd3c2400de0f06edb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 21:57:49 GMT
Expires: Mon, 24 Oct 2022 21:57:48 GMT
Etag: "e614faba753a62f6dc728f1cb8ed94498c675e29"
Cache-Control: max-age=365115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317c49adfb503-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 20 Oct 2022 15:43:40 GMT
Expires: Thu, 20 Oct 2022 16:39:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aPAogLQ_S5I-jIexXIFInzm9s2nq8uJ6Mdc7YM-pb6Un1b5AsOZdpg==
Age: 2332
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1904
Cache-Control: max-age=144958
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:32 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 08:38:30 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.usertrust.com/
172.64.155.188200 OK 2.2 kB IP 172.64.155.188:0
Hash 04cf822b4a756ba1153fd49d0ee52a53
be5f1ee57db4096001411aa54aae5017c3271769
cb78994ff7a1a9f292d1d4e5076e4dc97d4d16238a3000c8a885631a5238d7c0
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:32 GMT
Content-Type: application/ocsp-response
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 10:12:16 GMT
Expires: Wed, 26 Oct 2022 10:12:15 GMT
Etag: "be5f1ee57db4096001411aa54aae5017c3271769"
Cache-Control: max-age=604074,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d317c78e980b45-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6c0ebb4b812c4399a496ca889638f10c
c1c7c6bd56c11b35c411566da01f9059f0cde43a
541992d0380cd546e6011178c1125dfbe3e7e4a92e11e5f81a2bbe65d23ea111
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 17:23:26 GMT
Expires: Tue, 25 Oct 2022 17:23:25 GMT
Etag: "c1c7c6bd56c11b35c411566da01f9059f0cde43a"
Cache-Control: max-age=435052,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317c79eb9b503-OSL
www.regions.com/MLO/jerrichamberlin
205.255.47.100301 Moved Permanently 0 B URL HTTP/1.1 www.regions.com/MLO/jerrichamberlin
IP 205.255.47.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MLO/jerrichamberlin HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 20 Oct 2022 16:22:33 GMT
Content-Length: 0
Connection: keep-alive
Location: /locator/mlo/mortgage-loan-officer-Jerri-Chamberlin-Southaven
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Set-Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660;path=/;httponly
Strict-Transport-Security: max-age=157680000
push.services.mozilla.com/
34.218.159.206101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uBVfguu/GcbibnscPnDBuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ng9gWxtlpSkfO/abQfWAesvPBtg=
www.regions.com/locator/mlo/mortgage-loan-officer-Jerri-Chamberlin-Southaven
205.255.47.100302 Found 200 B URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-Jerri-Chamberlin-Southaven
IP 205.255.47.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f693f595026df52fd5aa1ed37589f692
27df42c4b1ea0fbfbd4c24c64a698f0d65689cf5
db2b0107a0840a8f2d6d071f61366aeb7220d003971728dfad070b4cfb9e1718
GET /locator/mlo/mortgage-loan-officer-Jerri-Chamberlin-Southaven HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 20 Oct 2022 16:22:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 200
Connection: keep-alive
Location: http://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
205.255.47.100200 OK 18 kB URL HTTP/1.1 www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
IP 205.255.47.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (415), with CRLF line terminators
Hash c0492086b2114e47e2c6528176f0680a
26b341847b7f8001b3e6b97d9ad23bc373257914
2b79a9430ad4c7fca34cdb1e672634630df94766101cb47af3b9a7d9de15e5ff
GET /locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 16:22:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 18311
Connection: keep-alive
Cache-Control: private
Content-Encoding: br
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; path=/; HttpOnly; SameSite=Lax
SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False; expires=Sun, 17-Oct-2032 16:22:33 GMT; path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
205.255.47.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 12936, version 1.0\012- data
Hash 6d4b2348a4f8f255a2bfd1ab35e30618
72a7e20b49379ccab237d004a3506e22b3b7934b
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
GET /rdcresources/content/fonts/source-sans-pro-300-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1104317
Date: Fri, 07 Oct 2022 21:37:12 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "9015e5609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12936
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
205.255.47.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 13080, version 1.0\012- data
Hash 834648c5f6f2f73c3df33def9348d879
7385e4868c41fb1e4ba48503a16235ddb8cd8a6c
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
GET /rdcresources/content/fonts/source-sans-pro-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1104317
Date: Fri, 07 Oct 2022 21:37:12 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "30d1f2609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13080
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
205.255.47.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 12592, version 1.0\012- data
Hash 48e38952d86d1b849b4e7e79c109a116
d8c9466e811876438d3e1d900943e3fa3d9625c1
0007bd27c6755494aa1b4fdebf9f019db02b59e5f02222148e136c75ccef026e
GET /rdcresources/content/fonts/source-sans-pro-300italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761463
Date: Tue, 11 Oct 2022 20:51:28 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "307eeb609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12592
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
205.255.47.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-600-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 13072, version 1.0\012- data
Hash 595d5c1e2d877c3a50a77158e977ede4
0564953f05d57246c240796c5ba2bbec8c8ba93c
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
GET /rdcresources/content/fonts/source-sans-pro-600-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1104317
Date: Fri, 07 Oct 2022 21:37:12 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "805fe7609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 13072
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
205.255.47.100200 OK 13 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 12580, version 1.0\012- data
Hash 0408305af8e45ff50aa09d3d3732fc01
3ff33e34998c68f480305e1d91adcd1ed8a2a7ee
6b49f18370ab654be0367fb969d5015649fdf5406bcbec33e5b0644f4bb7fe0a
GET /rdcresources/content/fonts/source-sans-pro-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1104317
Date: Fri, 07 Oct 2022 21:37:12 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "508e2609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 12580
Strict-Transport-Security: max-age=157680000
www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
205.255.47.100200 OK 127 kB URL HTTP/1.1 www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
IP 205.255.47.100:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 127 kB (126702 bytes)
Hash da3cd2f86ca8b7d05327fafd460aced4
ec18661d3be7932a10391760a81b5fbab6e160a7
e371192f0e3e490d2154ae5ea94f4fd2d8223779d7356944933f1d49cd652482
GET /RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125303
Date: Fri, 07 Oct 2022 15:47:27 GMT
Cache-Control: max-age= 31536000,public
Content-Length: 126702
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "60c4675f9ab8d81:0"
Content-Type: text/css
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
205.255.47.100200 OK 25 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-regular-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 25180, version 1.0\012- data
Hash ed97ad0179a7e320488aabe236a03029
4d605ccfe533eb243f6c3ca403785960d8b5cff9
3913c00225825b9de4b6f6f292d6222b4328c5e8ae85bbe7c8929660ab0f8dee
GET /rdcresources/content/fonts/droidserif-regular-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761464
Date: Tue, 11 Oct 2022 20:51:28 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "309ce6609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 25180
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
205.255.47.100200 OK 28 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-bold-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 28520, version 1.0\012- data
Hash 4a80ddcba4cef2129dec8753762ac8f1
44f352414c76a8f84c27d6240fa3634fd248f4fa
1fa9dc815c95ac07bd2badeacc086f16ea92051db9818ca26c2f7bf048ae8b40
GET /rdcresources/content/fonts/droidserif-bold-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761464
Date: Tue, 11 Oct 2022 20:51:28 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c0fbe7609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 28520
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
205.255.47.100200 OK 23 kB URL HTTP/1.1 www.regions.com/rdcresources/content/fonts/droidserif-italic-webfont.woff2
IP 205.255.47.100:0
File type Web Open Font Format (Version 2), TrueType, length 22988, version 1.0\012- data
Hash fe84712f81388dfad5f48e4de801ec44
1c3e195be8306df1edc70d4abfa9270876093640
98213150300a378382c71ad9eff1538120dd8f9f29780c475feead2add55d80d
GET /rdcresources/content/fonts/droidserif-italic-webfont.woff2 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761464
Date: Tue, 11 Oct 2022 20:51:28 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "b098f1609ab8d81:0"
Content-Type: font/woff2
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 22988
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/1px.gif
205.255.47.100200 OK 119 B URL HTTP/1.1 www.regions.com/-/media/Images/1px.gif
IP 205.255.47.100:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash ce21cbdd9b894e6af794813eb3fdaf60
d324efa2b5648eaca4a376c87a01808eb63cc18f
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
GET /-/media/Images/1px.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520792
Date: Fri, 14 Oct 2022 15:42:40 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: abb54fb4cab64b92b52e12f5fa9df56a
Content-Length: 119
Content-Type: image/png
Last-Modified: Fri, 11 Feb 2022 18:54:06 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="1px.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
205.255.47.100200 OK 32 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4
IP 205.255.47.100:0
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 6fc369a602a8d0b803844cb324804c7d
415c94e7e9528cfcf2706ff599a72d148283384d
ae0ed41222aa8d4f4203f7734202032e84de9df5807b92ae3cc0fd26953e9b9e
GET /-/media/Images/WebSiteImages/avatar-branch.png?revision=04722475-1946-4ca4-8a8b-d8ca60b1b2e4 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520288
Date: Fri, 14 Oct 2022 15:51:04 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f785d9fe41924d3d829e9becc9f49ec4
Content-Type: image/png
Last-Modified: Wed, 29 Jun 2016 16:37:41 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="avatar-branch.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 32529
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
205.255.47.100200 OK 2.2 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/regions-logo-no-r.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1024)
Hash a1f74587948b0dd3ba17bc85e8e17cf8
73c00bb48f58bc146754ff1e38e82367e62b623c
54d76bbd9a1b94ddf025374da0c8f6072f47c4b83305fa54773b348d99f2b184
GET /rdcresources/content/media/img/regions-logo-no-r.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125365
Date: Fri, 07 Oct 2022 15:46:25 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "70af715f9ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2183
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
205.255.47.100200 OK 2.8 kB URL HTTP/1.1 www.regions.com/-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1307)
Hash d58bee0aa7945d823a1107e530c1b91c
9030ba67d5b1bfbee85569b75f72e6a6c8de52af
7f9fe1eefa9793fa369be97036bb01cc78d3fad97d30579ac51d5a98d60cd36f
GET /-/media/Images/Logo/Desktop/header-logo-desktop-regions-standard.svg?revision=5073573a-233c-4471-a6dc-112e6b2cc767 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520866
Date: Fri, 14 Oct 2022 15:41:27 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 2587ba95fc7a4fcfacd83d243f8c881d
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Fri, 03 Apr 2020 23:05:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="header-logo-desktop-regions-standard.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 2771
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
205.255.47.100200 OK 517 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-header-chevron-down.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text
Hash 6fe592877f7dfdf762e54c6897eb7b82
e938188ad794631774fc4f3c9164c00007d50efd
879055122ad0f1083f2205e4e45871dfdbba85a5d1015fd62caef18ff002cd17
GET /rdcresources/content/media/img/icon-header-chevron-down.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125365
Date: Fri, 07 Oct 2022 15:46:25 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "90464b609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 517
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/img/icon-help.svg
205.255.47.100200 OK 1.6 kB URL HTTP/1.1 www.regions.com/rdcresources/content/media/img/icon-help.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2810)
Hash 1e87abefd0a276764c34a02b603b55db
726453b4422b74ff47e7219c823e809bc2dc0763
f00319af3c6c500e1707cb37995e13782710bc08ec0e2bc68a4e6ea28053c25b
GET /rdcresources/content/media/img/icon-help.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125365
Date: Fri, 07 Oct 2022 15:46:25 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0e82609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 1604
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Jerri-Chamberlin-Southaven.ashx?revision=a143e7f8-5c76-446d-a30d-0e3f4e7fa6e5
205.255.47.100200 OK 56 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Jerri-Chamberlin-Southaven.ashx?revision=a143e7f8-5c76-446d-a30d-0e3f4e7fa6e5
IP 205.255.47.100:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2017:05:09 12:29:45], progressive, precision 8, 175x175, components 3\012- data
Hash ded606051534f285127da55a4d0c5442
94e4230804eba41fd65f0e5856367c6814eaa3d5
a2a1950032ab27f094309ee682c5719f62e512fc85c7e46aa4258fd3eb0d0bba
GET /-/media/Images/DotCom/Locator/MLOs/mortgage-loan-officer-Jerri-Chamberlin-Southaven.ashx?revision=a143e7f8-5c76-446d-a30d-0e3f4e7fa6e5 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 558160
Date: Fri, 14 Oct 2022 05:19:52 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 210fb316ee144f009265b9014d346afb
Content-Length: 56107
Content-Type: application/octet-stream
Last-Modified: Tue, 04 May 2021 18:07:24 GMT
Accept-Ranges: bytes
Content-Disposition: attachment; filename="mortgage-loan-officer-Jerri-Chamberlin-Southaven"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg
205.255.47.100200 OK 288 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash 644bd0cb57824821768ad81bc24a44af
2e2a8af1795c6b25db1565a3cdbda4d7cc91195a
116ed69e7888779413c0a65cb95b9c09e01d4340e802d2f7800918a3572bf39f
GET /rdcresources/content/media/images/websiteimages/icon-locator-mlo-badge.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761086
Date: Tue, 11 Oct 2022 20:57:46 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "f095cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 288
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-diploma.svg
205.255.47.100200 OK 999 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-diploma.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2436)
Hash 3f7ebf0a903242cf3f25bc1bc160577a
93687981f9912dbb442c5ff91757ef2794457f7b
1ffe8b84b0938826970ed87dd87578870553bf2e21b56d91cfba29a269bfd335
GET /rdcresources/content/media/images/websiteimages/icon-diploma.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761086
Date: Tue, 11 Oct 2022 20:57:46 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "20bce609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 999
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-star-full.svg
205.255.47.100200 OK 182 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-star-full.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 9f82b92e5ae5303f02f70f2866dc5770
76549bf7d83cfaf3eed0b2358cd4ced6a0d42799
b702cce1853091ca3940463fe67ba239ee335af3acd5e20b18ce3890156701e2
GET /rdcresources/content/media/images/websiteimages/icon-star-full.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 761086
Date: Tue, 11 Oct 2022 20:57:46 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0bdcd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 182
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
205.255.47.100200 OK 86 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/video-component-background.jpg
IP 205.255.47.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x900, components 3\012- data
Hash 714ec83101dd539af3adda51008a05d1
e2532bb228b37f019f4c7e50a850cc10d3dc5d3a
7caee0314b38dbf2499e877aaf6fc68cc34521d63d55a08d8b8ea4cecb7f7990
GET /-/media/Images/WebSiteImages/video-component-background.jpg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520355
Date: Fri, 14 Oct 2022 15:49:57 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 9d7b5cdd37ac4196bc046f22d89a7d60
Content-Length: 85802
Content-Type: image/jpeg
Last-Modified: Fri, 03 Apr 2020 23:05:56 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
205.255.47.100200 OK 383 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-search.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (885)
Hash 5a496f703b488debeff9e2a3ffb15431
45c6bcfbba5d287d4ab934f1be58936ce02b07f1
cccd3510527cc3dba2e9549bfafc7d5adcc841c85ac5adc3ece5e929e5110521
GET /rdcresources/content/media/images/websiteimages/icon-search.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125254
Date: Fri, 07 Oct 2022 15:48:16 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "f095cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 383
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/WebSiteImages/loader.gif
205.255.47.100200 OK 8.4 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/loader.gif
IP 205.255.47.100:0
File type GIF image data, version 89a, 80 x 80\012- data
Hash 0eb0c1bdfdc4a4bd352121f51fec9149
d19adfb29240f0e08accaa483fc00c83c795f369
94a9405de974c3a6ea53616c60777c091e1330fb1b07549d5bdba4168cd19e70
GET /-/media/Images/WebSiteImages/loader.gif HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520792
Date: Fri, 14 Oct 2022 15:42:40 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 7cfa43f033c942d7a4dbec8b73001e6b
Content-Length: 8369
Content-Type: image/gif
Last-Modified: Fri, 03 Apr 2020 23:05:54 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="loader.gif"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 20 Oct 2022 18:00:01 GMT
Date: Thu, 20 Oct 2022 16:22:34 GMT
Connection: keep-alive
www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012
205.255.47.100200 OK 152 kB URL HTTP/1.1 www.regions.com/RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012
IP 205.255.47.100:0
File type Unicode text, UTF-8 text, with very long lines (60936)
Size 152 kB (152472 bytes)
Hash 2a9f15958185b4f994c972abc957498f
2cb3a68eeadd9ccd669ca37bb19d2c71fe9fde21
6d293278c7819ea252248629add5e0b13684b5ca1750e8eca66aaf3ef0696d34
GET /RDCResources/Scripts/rdc-ui.min.js?v=1.0.0.30012 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125304
Date: Fri, 07 Oct 2022 15:47:27 GMT
Cache-Control: max-age= 31536000,public
Content-Length: 152472
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "0733619ab8d81:0"
Content-Type: application/javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 20 Oct 2022 18:00:01 GMT
Date: Thu, 20 Oct 2022 16:22:34 GMT
Connection: keep-alive
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
205.255.47.100200 OK 182 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-left.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3d6e93f26cbed5c0aa513bf999390324
2eba3877db3b6e7628432bac0ddaa87bb15e0964
16bf21ce7515f635f6001facdc834a464e4f33ee66f8107a6d9c591b652d8945
GET /rdcresources/content/media/images/websiteimages/icon-arrow-left.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125568
Date: Fri, 07 Oct 2022 15:43:02 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c020cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 182
Strict-Transport-Security: max-age=157680000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 20 Oct 2022 18:00:01 GMT
Date: Thu, 20 Oct 2022 16:22:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 20 Oct 2022 18:00:01 GMT
Date: Thu, 20 Oct 2022 16:22:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5847
Expires: Thu, 20 Oct 2022 18:00:01 GMT
Date: Thu, 20 Oct 2022 16:22:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b38fcf82dcb60f48ee2b0df158d2eb6
14207b4845fc4c2c72a18a77cbcbe5f50aa9056e
4cff326ed72c61a05f1150ac1a5423b006915bbb25dfaa11dadab2c24e71de1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5566
x-amzn-requestid: 0eb4a0a4-9659-4c49-81d4-cd605eceed66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZKGEwzIAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506f0d-0bc0a25f4f5b1e893f448ae2;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:41:33 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HJ79GtM4BktNGSt8djSSWbAKtnICVZBOrIzKUg1mrJpV1j_xQqAMxQ==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:54:06 GMT
age: 66508
etag: "14207b4845fc4c2c72a18a77cbcbe5f50aa9056e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regionsmortgage.com/jerrichamberlin
205.255.102.40302 Found : Moved Temporarily 11 kB URL HTTP/1.1 www.regionsmortgage.com/jerrichamberlin
IP 205.255.102.40:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ee7bd4412c0b0eb678b9d53b07bdd9a
a8ba1a075a9c5501d043b9b14c45ed6bcd684e68
2499b2c4414108ed742986b90ca2a1b60c3fd65a82a78322031263650e935c7e
GET /jerrichamberlin HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found : Moved Temporarily
Location: https://www.regions.com/MLO/jerrichamberlin
Connection: close
Cache-Control: no-cache
Pragma: no-cache
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:46:27 GMT
age: 66967
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
205.255.47.100200 OK 178 B URL HTTP/1.1 www.regions.com/rdcresources/content/media/images/websiteimages/icon-arrow-right.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3fdfa195b0c473d29f63646ffc634e37
1269b3601af214b36e1215d781c1042b192333ad
14bd0be8cfd82397404fec404f48f9994b2dd47fceb8a4f6b004d59803cade17
GET /rdcresources/content/media/images/websiteimages/icon-arrow-right.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/RDCResources/Content/rdc-ui.min.css?v=1.0.0.30012
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 1125568
Date: Fri, 07 Oct 2022 15:43:02 GMT
Cache-Control: max-age= 31536000,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: "c020cd609ab8d81:0"
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2022 15:50:19 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 178
Strict-Transport-Security: max-age=157680000
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2226e30d927e7b68afb0f0025a9e6533
88ef1b5e5c76c76281f94d5bb21d47876431a26f
dc48559888c87b6b7c13109a5f44333f9f4b2330939eb3c4c2d3203a47984af7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F439223ef-e2fa-42fc-93f2-f5f60c5c8c47.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10453
x-amzn-requestid: f9476efc-26f7-4b71-acb9-d6a07e5857c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9XEProAMFS_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d22-5f3f86da2e32b84c3911a69a;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J3tOE-6TDdWgQvo4mUNrN0JJINKLZqy5lS__rR6tRyHr6uCJRyWp6g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:44:48 GMT
age: 67066
etag: "88ef1b5e5c76c76281f94d5bb21d47876431a26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fd91971508ef6f5985a0017dfcdd73e
e94567c4fe3adade32f19c8c3053a486fe8c3ac9
34966351275d61a81528a5b5eedef55878d9f7b9c0af311ead9471dda8a02e41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7098
x-amzn-requestid: 2f4f7eac-181e-4fe2-b3de-5b22e9e9b9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYSPGRMIAMFZAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506da7-42ed935836382b62301fc3e5;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:35:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JJm8noqjbY7Y8effNKjyVb5D_zbRTxuCTLFif9a5lZLcTPard05YZA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:53:58 GMT
age: 66516
etag: "e94567c4fe3adade32f19c8c3053a486fe8c3ac9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
205.255.47.100200 OK 98 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f
IP 205.255.47.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash 372bd7f2ff8ecf74e939d7d7e2ad94af
320244fbc60864b6662f3ae720817099bfaf3add
80d2097213a26f3ae12d5deae29efca6864f9cd0e7886a03812f0da841667207
GET /-/media/Images/Insights/Thumbnail/Personal/H-FAH-preparing-for-a-major-home-remodel-thumb.jpg?revision=cea5c952-835f-4735-af18-4850d9b0646f HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520784
Date: Fri, 14 Oct 2022 15:42:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f78551ee84504eef883b8b40efb13011
Content-Length: 98074
Content-Type: image/jpeg
Last-Modified: Mon, 01 Mar 2021 14:39:24 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="H-FAH-preparing-for-a-major-home-remodel-thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
205.255.47.100200 OK 16 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd
IP 205.255.47.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 216x228, components 3\012- data
Hash 51dd85ef382069ec38904173a12e9812
e821e922c3f7a622b4d032032d8c13eaaa71013a
e0863c1bfa4b1cc0e2068765f09fc77f543a4caa33fdc6b41da08d3f28b9b6b0
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg?revision=d3ad0902-be59-443c-a8a8-980c0ba397cd HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520784
Date: Fri, 14 Oct 2022 15:42:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: ecc44ec6c3da494498bf2e82b723f903
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Save-Money-Refinancing-Your-Mortgage.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 16468
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
205.255.47.100200 OK 34 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3
IP 205.255.47.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash cddff7f07661de94582305c4455e96d7
e61aba41b7d7cc1b05560a1387824f82092cfd05
e6ddaffbc4e3f08ebe842ed529a3aaccbd23d6a140e5cc10db89b056f11e7105
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg?revision=bef24dc0-fea4-4d81-999e-3fcb5fc79dd3 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520784
Date: Fri, 14 Oct 2022 15:42:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 73176d8e641740558ec2903100565b1b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:15 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FH-Questions_to_Ask_When_Considering_a_Home_Equity-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 33665
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
205.255.47.100200 OK 21 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a
IP 205.255.47.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash de1166a7dea4821e653419386f30ef80
849da63131c1f7333e790c7b8470beea90797a3d
73f81791ec41abc9a738979de0f83bd6c2efc70908e86047ff2b2aa5cdb62a60
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg?revision=015fa817-5dd3-4991-852e-0e106801180a HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520784
Date: Fri, 14 Oct 2022 15:42:48 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8ca54c4c0b8e477093a82d2796b8587b
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2020 15:58:11 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-UYHE-Is_a_Home_Equity_Loan_or_Line_of_Credit_Right_for_you-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 20600
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
205.255.47.100200 OK 22 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8
IP 205.255.47.100:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 432x456, components 3\012- data
Hash 43c3979dfaa872bee3d5ecd678b41551
efb2b3011959b7e59fdf8a0242fc69190eb85e4b
852995c5e7bd28d42e0086cac3de58ddbd9ef0161ade5267f3d16b09579dd6d4
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg?revision=fd9cddf8-1e36-4d44-a1ee-5aeef8da81e8 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 156517
Date: Tue, 18 Oct 2022 20:53:57 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 0bad9f02bd23408ba9830e28065b7798
Server: nginx
Content-Type: image/jpeg
Content-Length: 21773
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FYH-Checklist_Closing_Costs_vs_Prepaid_Items-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
205.255.47.100200 OK 940 B URL HTTP/1.1 www.regions.com/locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg
IP 205.255.47.100:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2699), with no line terminators
Hash c83395d617c81d10166217b9351ddd3d
cc2faff006102f6fffddc4ad5455391471459233
e9c2910517c5105adba61d2001a7ab4ad1f36b90e059fdc8464c6f851310f899
GET /locator/mlo/-/media/Images/Icon/icon-calendar/icon-calendar.svg HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520289
Date: Fri, 14 Oct 2022 15:51:04 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 280096ce24584f08ae4f82ec6e1611c5
Content-Type: image/svg+xml
Content-Encoding: br
Last-Modified: Wed, 03 Mar 2021 23:16:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="icon-calendar.svg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 940
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
205.255.47.100200 OK 33 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b
IP 205.255.47.100:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 432x456, components 3\012- data
Hash a0fdb87f17a0891d20b4c7c7dd489ae3
e64540d9a8a47e946531663c1939a7595ac0da41
673948f25b84f697a6098cdb3880ed34ad8675ffd4b3c5b7c7c984a4a091a551
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg?revision=7359873d-ce42-45c7-bef6-35604caaf84b HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 156517
Date: Tue, 18 Oct 2022 20:53:57 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 8058e759fc414eed969f8bd2f43e85a0
Server: nginx
Content-Type: image/jpeg
Content-Length: 33076
Last-Modified: Fri, 11 Sep 2020 15:58:16 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-ThingsToKnowAboutAnAdjustableRateMortgage-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
205.255.47.100200 OK 88 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22
IP 205.255.47.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:19:44], baseline, precision 8, 432x456, components 3\012- data
Hash c8841785cd39c7400eb055f52f4fd395
dcb5859dc36c50ab2727e2a9366d5c59551a4b28
1d47fb60ed8a9217554a061f114f98265f0241adeec6b7ecfe58b98a9ca9f137
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg?revision=69f08e28-6916-4f57-a2ed-a1f0ed32dc22 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 156517
Date: Tue, 18 Oct 2022 20:53:57 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: db4a6978e622401bbde4a35d3c2b7841
Server: nginx
Content-Type: image/jpeg
Content-Length: 88363
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-applying-for-a-home-loan-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
205.255.47.100200 OK 89 kB URL HTTP/1.1 www.regions.com/-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041
IP 205.255.47.100:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.0 (Macintosh), datetime=2020:01:16 13:59:30 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21870-29766, spot sensor temperature 74893065746301681918931676168192.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 137438953472.000000], baseline, precision 8, 432x456, components 3\012- data
Hash 6f07089f352bd05fa11d90f30e6cc5e4
0cb2658df6969bd6b8be226965eb2c259f0ea20b
1d0f2941a7e38e37c07ab51df9d709e4711faee18fdba5382811abb70e061fa3
GET /-/media/Images/Insights/Thumbnail/Personal/P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg?revision=123ce605-bb6a-45a2-bee4-cfab482b5041 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 156517
Date: Tue, 18 Oct 2022 20:53:57 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: fbff9ae4cc204417b09fbc41995b15f9
Server: nginx
Content-Type: image/jpeg
Content-Length: 88747
Last-Modified: Fri, 11 Sep 2020 15:58:05 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="P-H-FAH-understanding-adjustable-rate-mortgages-podcast-Thumb.jpg"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Strict-Transport-Security: max-age=157680000
nexus.ensighten.com/regions/regions-prod-b/Bootstrap.js
54.230.111.63200 OK 76 kB URL HTTP/2 nexus.ensighten.com/regions/regions-prod-b/Bootstrap.js
IP 54.230.111.63:0
File type ASCII text, with very long lines (1435)
Hash c1c0cdd96bf6cf49af8a86211b0f3aa4
cd5b47f7afc751193b5d2cd5a234d721d76299c7
3296767da6fc42375fa134b22cb4f75585046770c691c07aa6e77b738d2eb9ae
GET /regions/regions-prod-b/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 11 Oct 2022 20:55:22 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Oct 2022 16:07:38 GMT
etag: W/"a0a63ddde5e42ea26e060c3455fa5c02"
x-amz-server-side-encryption: AES256
cache-control: max-age=300
x-amz-version-id: A8ku2O5eYWFoeXYI78241GHfiuM4ZYi2
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5bSJ2M-3UD5BeJkuNHXPDxGuoR-okCETc7VIXIUHWrT9vXX7-BKGaA==
age: 761232
X-Firefox-Spdy: h2
www.regions.com/-/media/Images/WebSiteImages/favicon.ico
205.255.47.100200 OK 9.7 kB URL HTTP/1.1 www.regions.com/-/media/Images/WebSiteImages/favicon.ico
IP 205.255.47.100:0
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 770326a3949eeac3b1b32f636a435b24
34e947c7883865ed4982b1108ff1d8d3225edaaf
d40069d6602b8db241d15a18513f0d26f783b9b012a46b7fca2bd4a23ccb5be1
GET /-/media/Images/WebSiteImages/favicon.ico HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False; Regions_SessionId=ca407399-8503-4aa0-81ec-4844edf58d84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520861
Date: Fri, 14 Oct 2022 15:41:32 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: c8a67602af18477991e64598d71384a6
Content-Type: image/x-icon
Last-Modified: Wed, 26 Jan 2022 21:49:47 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="favicon.ico"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 9662
Strict-Transport-Security: max-age=157680000
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1666282965360
142.250.74.42200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1666282965360
IP 142.250.74.42:0
File type ASCII text, with very long lines (2493)
Hash 7a37f8a1766f1bb4e45b9cc05d9a3a86
1c3c1cc68cd1b46a4759a5734f683077db3fc988
a5e372c0fed04727c1477299273ff7549cc9887243cdb9409dc0c72620255c82
GET /maps/api/js?v=3.exp&libraries=places&client=gme-regionsbank&callback=REGIONS.maps.afterInit&_=1666282965360 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 20 Oct 2022 16:22:34 GMT
expires: Thu, 20 Oct 2022 16:52:34 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56198
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b2f2dcfbd83f14e6cfab306caf84f40a
7878417dc2a940724f1742721ea179bd57b8efd0
d302e4d1ca92105eef9efc2b8b2d8ee146077cc783febd962a0e3f44a408fc00
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus.ensighten.com/regions/regions-prod-b/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod-b/code/&publishedOn=Tue%20Oct%2011%2016:07:35%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven
54.230.111.63200 OK 402 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod-b/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod-b/code/&publishedOn=Tue%20Oct%2011%2016:07:35%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven
IP 54.230.111.63:0
File type ASCII text, with very long lines (401)
Hash 4a6e98756cd3e7a1b4a997119fbb8062
64a2fba16c76c989b4464313b302c5d381ef5288
927e77907bcad09a42028c876c6b1f2953f388f2ad669b6dcee5e1819615cfe6
GET /regions/regions-prod-b/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-prod-b/code/&publishedOn=Tue%20Oct%2011%2016:07:35%20GMT%202022&ClientID=1202&PageID=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 402
server: nginx
date: Thu, 20 Oct 2022 16:22:35 GMT
expires: Thu, 20 Oct 2022 16:22:34 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6iUyGPWMmY0UeVsSXcvyMrf5iR1MtXBiJp71UtQ-k_OSnD9IA1HGSQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 193d2d5278d7126ac87e3b5d25c73846
a113a1bd6d01cf7f17ecdd8c1d71405e3a680359
3cdc1c4dbdde26acb1eedba11b1aa3a93d8933dda59f777e6172feb9fa773f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nexus.ensighten.com/regions/regions-prod-b/code/acef90d6fb665cac7f2fbc7b3b0d8b8a.js?conditionId0=423026
54.230.111.63200 OK 106 kB URL HTTP/2 nexus.ensighten.com/regions/regions-prod-b/code/acef90d6fb665cac7f2fbc7b3b0d8b8a.js?conditionId0=423026
IP 54.230.111.63:0
File type ASCII text, with very long lines (586)
Size 106 kB (106385 bytes)
Hash 39bb374698769e98383f2c563a26578c
defd4edd25790884cc9a74b4077bd5a1c78ba44c
5a0f67b0b278526900ad5c6e19b9699eb7f8dc96e96a75e3a7d633998a941180
GET /regions/regions-prod-b/code/acef90d6fb665cac7f2fbc7b3b0d8b8a.js?conditionId0=423026 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 11 Oct 2022 20:55:24 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Oct 2022 16:07:38 GMT
etag: W/"da018c177ced1f31204676a2af2df460"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: ZP4heZhCq1HKJ1LYcjkJt46toI6ZbyOo
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0_3vHO4GE7U_ivmDtZ8Mah9_yWCTFFsGP3VvdmfO5bkCRC6sR33_kQ==
age: 761232
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f78425a5670f1b3591d7759ed70d6633
f92603807256e16abaddd3697ff43fc74a86bc06
4a15251d6724c9eaec183470a6285fcaf3e76083287a227bdc51853ebd0ac2ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4423
Cache-Control: max-age=157547
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Etag: "635128ef-13a"
Expires: Sat, 22 Oct 2022 12:08:22 GMT
Last-Modified: Thu, 20 Oct 2022 10:54:39 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 193d2d5278d7126ac87e3b5d25c73846
a113a1bd6d01cf7f17ecdd8c1d71405e3a680359
3cdc1c4dbdde26acb1eedba11b1aa3a93d8933dda59f777e6172feb9fa773f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=8402956307551855&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
143.204.55.106200 OK 1.9 kB URL HTTP/2 live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=8402956307551855&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
IP 143.204.55.106:0
File type HTML document, ASCII text, with very long lines (1202)
Hash 5f42b7e7a1fdbcde1cfebc4deb5a410a
fbcaf432ded84346af5010014755f640edfdafb0
aaa04decdf4ee5a17a43314161bc0cfa9f399dc658a8644428cfe4a757725d55
GET /sync?c=16b6410431b6374e780104abb0443ca8&p=2f522f2cbc0fecebadd20f961aabdb13&k=regions-bank-pixel-8219&zmpID=regions-bank&cache_buster=8402956307551855&PageUrl=https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1875
date: Thu, 20 Oct 2022 16:22:35 GMT
set-cookie: zync-uuid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e:1666282955.333602; Domain=rezync.com; Expires=Tue, 18 Apr 2023 16:22:35 GMT; Path=/; SameSite=None; Secure
sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiOGQwZTMzODgtZGMxZS00ZTZmLTk3MjMtNGI5YmNiYmI5NzRlOjE2NjYyODI5NTUuMzMzNjAyIn0.Y1F1yw.1N42hH_MXW9WU9bMc3O4807bDZk; Expires=Tue, 18 Apr 2023 16:22:35 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -nc7N38AVEFhd_ARDA9mRgJh-Jq1dMNBiD4QY4-Uyg3eSe_AwMLJlg==
X-Firefox-Spdy: h2
t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.5200 OK 43 B URL HTTP/2 t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:35 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=65b7ed2b-13db-4586-bb56-9a08380f26a2; Max-Age=63072000; Expires=Sat, 19 Oct 2024 16:22:35 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 282531572c760661
strict-transport-security: max-age=0
x-response-time: 102
x-connection-hash: 47b8309aa57a4b6a56ceb28c5ddf334898071a1e224fab7d7c74efe393dd2645
X-Firefox-Spdy: h2
cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
143.204.55.95200 OK 25 kB URL HTTP/1.1 cdn.boomtrain.com/p13n/regions-bank/p13n.min.js
IP 143.204.55.95:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f252f0c157798eb108e4ea1d3be55463
7f7432dd27af93c9f16487b3bc364db93b806f4f
a4611d1560c0c51babcb75ac9a3e09d4a750c11a9341e8231588b991d28a6e1d
GET /p13n/regions-bank/p13n.min.js HTTP/1.1
Host: cdn.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 08:07:04 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Q5Jn6HV92h_ti63H2g7RShHK_pP5EnVN
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 20 Oct 2022 15:27:11 GMT
Cache-Control: public, max-age=3600
ETag: W/"a7672995780f9b7f9dafc93e2c1491f7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qh8Lab4ZyET94N9u-jZ8mhpW4MUKH33GKByWkS4lZgPQk0qN2NxnMA==
Age: 3325
nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod-b%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod-b&rid=-1&did=-1&errorName=DataDefinitionException
54.230.111.63204 No Content 0 B URL HTTP/2 nexus.ensighten.com/error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod-b%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod-b&rid=-1&did=-1&errorName=DataDefinitionException
IP 54.230.111.63:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Invalid%20data%20definition%20used%3A%2059857&lnn=54&fn=https%3A%2F%2Fnexus.ensighten.com%2Fregions%2Fregions-prod-b%2FBootstrap.js&cid=1202&client=regions&publishPath=regions-prod-b&rid=-1&did=-1&errorName=DataDefinitionException HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: CloudFront
date: Thu, 20 Oct 2022 01:05:21 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rm9ELoB1wdTlb7tmzOl7VyYZgIG7fKYnSAKXBmPwTdnmR1fuC8VrVQ==
age: 55034
X-Firefox-Spdy: h2
p.teads.tv/teads-fellow.js
23.195.255.234200 OK 6.3 kB URL HTTP/1.1 p.teads.tv/teads-fellow.js
IP 23.195.255.234:0
File type ASCII text, with very long lines (19598), with no line terminators
Hash a56443f6a2e63001bbae1a6d09670ed1
40fe25a79535918df944040a8136335ab314b242
a36096c464a5e948ed551326481b2fe68098e6158142b60949c3b8e68c444135
GET /teads-fellow.js HTTP/1.1
Host: p.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: AdI1VssuNsCOhgUerDGIrpQjn/W0k8wfpjwKiOjEtsyJIvILYtl2KWpzvQIJkyxP8EWH5hLUYKk=
x-amz-request-id: 68V7MEFA53C361J4
Last-Modified: Tue, 11 Oct 2022 07:50:30 GMT
ETag: "0b03c9342c548069ba01976f4b9418dc"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=110
Date: Thu, 20 Oct 2022 16:22:35 GMT
Content-Length: 6340
Connection: keep-alive
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=2B64F4CD9D5B6EF71D5FE68E9CAE6F9D; domain=.bing.com; expires=Tue, 14-Nov-2023 16:22:35 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 735AB40A994449DD858472EE03370F6C Ref B: OSL30EDGE0119 Ref C: 2022-10-20T16:22:35Z
date: Thu, 20 Oct 2022 16:22:35 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c33e6b2ef3778775912eaf5b7ba356d
5dfd778427d9add2e9640fc278819781e21ef84e
45473ddf904000369a2968f26ae3f948fd9121cdda72358f0f7ebc782c5fa2d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5781
Cache-Control: max-age=116412
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Etag: "635082f2-1d7"
Expires: Sat, 22 Oct 2022 00:42:47 GMT
Last-Modified: Wed, 19 Oct 2022 23:06:26 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
205.255.47.100200 OK 926 kB URL HTTP/1.1 www.regions.com/-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353
IP 205.255.47.100:0
File type PNG image data, 1400 x 450, 8-bit/color RGBA, non-interlaced\012- data
Size 926 kB (926480 bytes)
Hash 869f6fce3cc41447159b757d89bc8ba7
e9e34caba119cb5727bf3324c4d897edd22ea1e6
8e8dcd035a49dabbf01d255019d0fca12bace4c39bbb8b3aa7373a1dadae49a5
GET /-/media/Images/DotCom/Generic/video-component-background.jpg?revision=bd3405f8-01e8-4334-ab30-0fa6d90ca353 HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False; Regions_SessionId=ca407399-8503-4aa0-81ec-4844edf58d84
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520289
Date: Fri, 14 Oct 2022 15:51:04 GMT
Cache-Control: max-age= 604800,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: f294c5922dab4c0da74893f259ffb939
Content-Type: image/png
Last-Modified: Tue, 04 Aug 2020 19:24:35 GMT
Accept-Ranges: bytes
Content-Disposition: inline; filename="video-component-background.png"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 926480
Strict-Transport-Security: max-age=157680000
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0120131e21fb30f0fea09414859f6c6
0f8fa86b759dca6cbbe65acec401fcb967b0befc
8db1ca703991b150a8226811d4992ea14575d1ad239178a166b5bad447ebbe4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 10c8dff7ca8a73c1b632d15cd7304b95
622aee6182568f9a9f425685bc3e1fd209bcddd2
48c115bd9a1ac4ac45eed3e2d7e6c98ed8451f5c546c3f71997c9365b253614f
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 20 Oct 2022 01:34:59 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ma3bhgvAy9Gd4RUutKGpNtlkgGbx4p9UKi9Wtp5isUZ-KUstjOazBQ==
Age: 53258
c1.rfihub.net/js/tc.min.js
54.230.111.57200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.57:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Thu, 20 Oct 2022 15:43:40 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Thu, 20 Oct 2022 16:43:40 GMT
last-modified: Thu, 20 Oct 2022 15:43:30 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I2Ag9QoUKa2ccIvE8jyX-xyApmtwnYtohyVZzUwwCiQ9qlfx23BDZQ==
age: 2335
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash aaa112f7603cb3f6895c8b6850e85381
baba68cd1b7e46730edb4d2e459c00e224b3ac7d
5c90cefbb8ec0192c22a043cd95c9bfc602e3b19ecc1b868c7f33f52c5419b77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1908
Cache-Control: max-age=109664
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Etag: "635077b7-139"
Expires: Fri, 21 Oct 2022 22:50:19 GMT
Last-Modified: Wed, 19 Oct 2022 22:18:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ct.pinterest.com/v3/?tid=2613483917557&noscript=1
151.101.84.84200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613483917557&noscript=1
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613483917557&noscript=1 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
set-cookie: _pinterest_ct_ua="TWc9PSY1WjZqZHZpZW11SFBLbG5MczBqaUpBVHhIWkwwQ29xZHhxelIyM0Z0SHNWTlMyS01EN09JN0hrM2pKRlMzTFRtVllleEhDMkRPMkVEem5pWDU4UmJmUi9ENC82czRTeWJCbnYzU2Rnbnp4MD0mSCtnNzJqZ09FYk5ySHM4TzEvUDlQbFVCY0NNPQ=="; Expires=Fri, 20 Oct 2023 16:22:35 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 8934317221438105
date: Thu, 20 Oct 2022 16:22:35 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bcc635f2c83302f2d3e61ebe9183d8c5
9c5a45f7ea16fa6528a9bce8043f4c1e6f5ea302
e0118d5b4cb760deff107f5c304a00727f8bab7c2b571be1698da60a1f8ada0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5643
Cache-Control: max-age=94698
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Etag: "63502eaa-1d7"
Expires: Fri, 21 Oct 2022 18:40:53 GMT
Last-Modified: Wed, 19 Oct 2022 17:06:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 71875f848896ee82a106224e048bd060
277a624e507dff2cd9cff104aa0c5618ca76e105
a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: iORjKq/tPCRhxsuCyklLru8JOmkARDFUxfQ023PGd626aqFh/qQoXzwtD1Etutn+jYGs7tdqIKEftBf46eSWIg==
content-length: 27027
x-fb-trip-id: 1904183273
date: Thu, 20 Oct 2022 16:22:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501
142.250.74.102302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501
IP 142.250.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 16:37:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.bttrack.com/js/44911/analytics/1.0/analytics.min.js
69.16.175.42200 OK 369 B URL HTTP/1.1 cdn.bttrack.com/js/44911/analytics/1.0/analytics.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (599), with no line terminators
Hash ad0eb0570078f9251ad5b5f6bde73010
c8787129ce4b915314a5c05be6812f74fb148945
80a9e2602c17d221fe8d16a24af2a9a7b477d0ce22e3e5e124575cea35953026
GET /js/44911/analytics/1.0/analytics.min.js HTTP/1.1
Host: cdn.bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:35 GMT
Connection: Keep-Alive
Cache-Control: max-age=48382
Content-Encoding: gzip
Content-Length: 369
Content-Type: text/javascript; charset=utf-8
Accept-Ranges: bytes
X-HW: 1666282955.dop232.sk1.t,1666282955.cds067.sk1.shn,1666282955.dop232.sk1.t,1666282955.cds229.sk1.c
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9913b2fe72036775e678417cac56a8df
27c2b0d99c3827f12c343763d8ba33c6e2d73188
32c6987be8e8c289fbb1f31350783dbc22003be71e80aa3d4acb293b434d805e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2dfe6a73487f3bab385f57ac48493c9
03058d5bef6a2336884519ff32d0e66c0e1c42b3
3043efa283081661e131d627cb45a23e6c630b9fe425c22eb63b6d1b4a3ca279
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=21011282&Ver=2&mid=1d36ca4a-bb25-4166-8cb3-16821b097b98&sid=6ebf6b00509311ed8fc0fff3f600a4cd&vid=6ebf63c0509311eda73b3359668e5d84&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&kw=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&r=<=2793&evt=pageLoad&sv=1&rn=858586
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=21011282&Ver=2&mid=1d36ca4a-bb25-4166-8cb3-16821b097b98&sid=6ebf6b00509311ed8fc0fff3f600a4cd&vid=6ebf63c0509311eda73b3359668e5d84&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&kw=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&r=<=2793&evt=pageLoad&sv=1&rn=858586
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=21011282&Ver=2&mid=1d36ca4a-bb25-4166-8cb3-16821b097b98&sid=6ebf6b00509311ed8fc0fff3f600a4cd&vid=6ebf63c0509311eda73b3359668e5d84&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&kw=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&p=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&r=<=2793&evt=pageLoad&sv=1&rn=858586 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=115B28152EF96A7B23FC3A562F0C6BA1; domain=.bing.com; expires=Tue, 14-Nov-2023 16:22:35 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32DDCFCCFCF34CF38A178192535D72E2 Ref B: OSL30EDGE0119 Ref C: 2022-10-20T16:22:35Z
date: Thu, 20 Oct 2022 16:22:35 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0
37.252.173.38200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0
IP 37.252.173.38:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?pi=8d5f389a-2c0c-4c6f-bc78-444ec3a0890e&e=PageView&script=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 20 Oct 2022 16:22:35 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pubads.g.doubleclick.net/activity;xsp=4958803;ord=9395209695698268?
216.58.211.2200 OK 42 B URL HTTP/2 pubads.g.doubleclick.net/activity;xsp=4958803;ord=9395209695698268?
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;xsp=4958803;ord=9395209695698268? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 16:37:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
13.107.42.14302 Found 0 B URL HTTP/2 dc.ads.linkedin.com/collect/?pid=681506&fmt=gif
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect/?pid=681506&fmt=gif HTTP/1.1
Host: dc.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQK96DZBaeE-XgAAAYP2NCP-UONeVJ0cie72cH6whrgvp7qB8js2xq39SC-bjsRfrx-9-RNxpXXbrg; Max-Age=2592000; Expires=Sat, 19 Nov 2022 16:22:35 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLuXE3IcBu_JAAAAYP2NCP-wAr3YqS-4FkpZlHh9tBBqELs0IZyOW2TXzXAIt5Fk-IlaMVRsObJVzFxxw2gyQ; Max-Age=2592000; Expires=Sat, 19 Nov 2022 16:22:35 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&7fdcf9ae-4da6-42e0-811b-3eecee6f16cd"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 20-Oct-2023 16:22:35 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2411:u=1:x=1:i=1666282955:t=1666369355:v=2:sig=AQGqYuGCWlmDRzFSqr446ex-f7-lk23C"; Expires=Fri, 21 Oct 2022 16:22:35 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXrebusa4OFonSWXJ+mLA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CDBF162C8CC8456D87307065214A1DD6 Ref B: OSL30EDGE0515 Ref C: 2022-10-20T16:22:35Z
date: Thu, 20 Oct 2022 16:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1c33e6b2ef3778775912eaf5b7ba356d
5dfd778427d9add2e9640fc278819781e21ef84e
45473ddf904000369a2968f26ae3f948fd9121cdda72358f0f7ebc782c5fa2d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5781
Cache-Control: max-age=116412
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Etag: "635082f2-1d7"
Expires: Sat, 22 Oct 2022 00:42:47 GMT
Last-Modified: Wed, 19 Oct 2022 23:06:26 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 Oct 2022 16:22:35 GMT
expires: Thu, 20 Oct 2022 16:22:35 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb1eb1a7a821970a8245c75a70f9e90b
9e5ca6a7b8f96bb84fb71bc8a1c8c883897e92f4
8dc86f423b6be42c9e146a6d0f07749e0a6131099184097b79dfe137b8ed9426
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1406
Cache-Control: max-age=133663
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Etag: "6350d76c-1d7"
Expires: Sat, 22 Oct 2022 05:30:18 GMT
Last-Modified: Thu, 20 Oct 2022 05:06:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0120131e21fb30f0fea09414859f6c6
0f8fa86b759dca6cbbe65acec401fcb967b0befc
8db1ca703991b150a8226811d4992ea14575d1ad239178a166b5bad447ebbe4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&buyer_pixel_id=5995
23.195.255.234200 OK 134 B URL HTTP/1.1 cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&buyer_pixel_id=5995
IP 23.195.255.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55ae2ac7f3e85d156a6442e33a177e7e
00fed693a9c587fa7c89d3a0841cd9b7d2f21959
6a97eebdc2715338c6426530a3856fe6a936e1996efccb636cd9b3a7d5b5c577
GET /v2/advertiser?referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&buyer_pixel_id=5995 HTTP/1.1
Host: cm.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Origin: https://www.regions.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 134
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Observe-Browsing-Topics: ?1
Origin-Trial: A9jSBs0DOsjz9/WX9Wd0ZjB1r7PJRE/iw6kr2deG9/tKPmVWiJbNETWxDSd2bIBY5sroZAJQjz56T0zCPJm14QAAAAB+eyJvcmlnaW4iOiJodHRwczovL3RlYWRzLnR2OjQ0MyIsImZlYXR1cmUiOiJQcml2YWN5U2FuZGJveEFkc0FQSXMiLCJleHBpcnkiOjE2Njk3NjYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
Expires: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 20 Oct 2022 16:22:35 GMT
Connection: keep-alive
bat.bing.com/p/action/21011282.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/21011282.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/21011282.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=13FED07B5D906D092C06C2385C656C4B; domain=.bing.com; expires=Tue, 14-Nov-2023 16:22:35 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B06B5E9B125427D995CFB892A10492A Ref B: OSL30EDGE0119 Ref C: 2022-10-20T16:22:35Z
date: Thu, 20 Oct 2022 16:22:35 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/24c6f8bd/www-widgetapi.vflset/www-widgetapi.js
142.250.74.78200 OK 53 kB URL HTTP/2 www.youtube.com/s/player/24c6f8bd/www-widgetapi.vflset/www-widgetapi.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (817)
Hash ffc5366634472eca0172905056e7daed
26d6b9579db9c4ce30a460ded9590c335cbc648d
f0805c8d6201641c6af85b39e7b750ab5fd2b7ac61fb41ed26015ac014e04a1e
GET /s/player/24c6f8bd/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 52758
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 07:56:01 GMT
expires: Fri, 20 Oct 2023 07:56:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 00:20:59 GMT
content-type: text/javascript
age: 30394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 98eb39a8c874650d2e8fe7e70c8ffc9f
8e6069b2c92d3f6be9caffef93edbee13706d3e6
b84f4791529fad05d5c153b89ccfbe32be10ca8f0567112b1356459558861a2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1rxt&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:35 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_eVyLJ5iW03gRdqphsUfZVA=="; Max-Age=63072000; Expires=Sat, 19 Oct 2024 16:22:35 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 7549840119918844
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: c13c02e853363f6f0f6ff85585c45570394c6e6a35c56460dddc58f146ff9d46
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9913b2fe72036775e678417cac56a8df
27c2b0d99c3827f12c343763d8ba33c6e2d73188
32c6987be8e8c289fbb1f31350783dbc22003be71e80aa3d4acb293b434d805e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6894994e02f8f5ba7b41315e467ec514
20381d88239721ae42a0637d67417a19b41af581
df9e40affa62e2ef3a0797b0fbb3093c9906ce8254a035f547553d563a329505
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f1d84c16a3ffa75031203b365ac00c7
62aada579ae36878230e95e6c1fc1b861da3c833
f8d6e8720b0ec42352f15f39dc3a65b0ce8695b3cbd4fc9ad2bf68147b9574a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4995
Cache-Control: max-age=166418
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6351495c-1d7"
Expires: Sat, 22 Oct 2022 14:36:14 GMT
Last-Modified: Thu, 20 Oct 2022 13:13:00 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
54.230.111.16200 OK 222 B URL HTTP/2 rules.quantcount.com/rules-p-AMy7w2y7nzRg3.js
IP 54.230.111.16:0
Hash 91338acd9f357367ba2e127f42326aed
2bf73e49b85716a3aaeded5e0e85046fb30e39ea
0b05aa0628fbe20e5842c7782041141ea89bdd714245c5c352283266e6eb4aa1
GET /rules-p-AMy7w2y7nzRg3.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 222
last-modified: Thu, 13 Oct 2022 22:22:02 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Thu, 20 Oct 2022 16:22:35 GMT
cache-control: max-age=3600
etag: "91338acd9f357367ba2e127f42326aed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OYEZM5C5Os7JLeo5isN9lnJdpwQs1CmJuX6oB5MizV0w2Be5HWjFlQ==
age: 3550
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1666282966794&cv=9&fst=1666282966794&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1666282966794&cv=9&fst=1666282966794&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2470), with no line terminators
Hash 3cdc7943d53486f907cb21157bdb1fc3
25776643e94ecbc3b7a389afc00d90885cd1736d
276500e63e681c201b55690427e4de9681890f2243253e557ef690152991382c
GET /pagead/viewthroughconversion/1013536406/?random=1666282966794&cv=9&fst=1666282966794&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1094
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 16:37:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1666282966253
34.249.106.217200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1666282966253
IP 34.249.106.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&ts=1666282966253 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-07bc8010b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: eikWHf/lRSs=
Content-Length: 124
Connection: keep-alive
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D681506%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&0e0870b4-1130-44b9-8d94-bf422b88269d"; Domain=.linkedin.com; Expires=Fri, 20-Oct-2023 16:22:35 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2022102016223592b28348-acb3-42d4-8462-eca4f548dc2fAQGvH6Gg8gy-zl7u6EMA89K1um-cXU_u"; Domain=.www.linkedin.com; Expires=Fri, 20-Oct-2023 16:22:35 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjYyODI5NTU7MjswMjFezxPuE9mYHuozAkpT+5hW83rHPB5aHgVAJHsRm06lrg==; Domain=.linkedin.com; Expires=Tue, 18 Apr 2023 16:22:35 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2403:u=1:x=1:i=1666282955:t=1666369355:v=2:sig=AQGo8tqowSmRNvOD2qlAFUAC32iC0EAz"; Expires=Fri, 21 Oct 2022 16:22:35 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXrebuu9ML3x/LitHUgAQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BD277145A45146C7AE02E33C70652D8D Ref B: OSL30EDGE0515 Ref C: 2022-10-20T16:22:35Z
date: Thu, 20 Oct 2022 16:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
142.250.74.98200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&fmt=3&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 16:37:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f1d84c16a3ffa75031203b365ac00c7
62aada579ae36878230e95e6c1fc1b861da3c833
f8d6e8720b0ec42352f15f39dc3a65b0ce8695b3cbd4fc9ad2bf68147b9574a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4995
Cache-Control: max-age=166418
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6351495c-1d7"
Expires: Sat, 22 Oct 2022 14:36:14 GMT
Last-Modified: Thu, 20 Oct 2022 13:13:00 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/
142.250.74.2302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1666282966807&cv=9&fst=1666282966807&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/959581806/?random=1666282966807&cv=9&fst=1666282966807&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2468), with no line terminators
Hash ab82db11f4ba5d69abdd5990fe4dbd3b
e10d4c507dd9997fbcb2ee9d30463382535e265f
d46c3577d9a2f580e5b4aa2df4c4bbd7376e353ebcb828aac812071767d3b335
GET /pagead/viewthroughconversion/959581806/?random=1666282966807&cv=9&fst=1666282966807&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1094
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-Oct-2022 16:37:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2e068e8086ec3befd1d2be95803f9064
2629d3ae8dd23c86df4d8da47f01fc7eeb848afa
58bcbaabe5cd821de7220ac881bc4c85fa98242a17c327363abba6bc33dff4aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 02:15:48 GMT
Expires: Wed, 26 Oct 2022 02:15:47 GMT
Etag: "2629d3ae8dd23c86df4d8da47f01fc7eeb848afa"
Cache-Control: max-age=466990,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317db4fc8b503-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash f53926b52c4c8aa347fe6417124bb8d8
9158fb137df7f373c3b571c8c89a45019b79d4b3
1a7ac8f3de94c09c9c44604495c2c7355149fbcbd2a47e6b550534f8ea7b2c1c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105756
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "63506b1e-1d7"
Expires: Fri, 21 Oct 2022 21:45:12 GMT
Last-Modified: Wed, 19 Oct 2022 21:24:46 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G3Kc0I0KePEV3_Ljhpa3q2TRNuIIjfeTCbfiYYLcdnx87sFNZ9p1qQ==
Age: 1226
sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
76.13.32.146200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10175658&he=start&auid=regio0
IP 76.13.32.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /spp.pl?a=10000&.yp=10175658&he=start&auid=regio0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
expires: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBMx1UWMCEFzZ2_gnkp1HC5knJMJ1qFYFEgEBAQHHUmNbYwAAAAAA_eMAAA&S=AQAAApMXNTrNHaq6dxNXVd1BPZs; Expires=Fri, 20 Oct 2023 22:22:36 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f0b55633a85caa84bbab66d84cfeaefd
f26db3965219030d152064bc0893b6e2bfcb4957
6f74b2dc627a54e47e4f1ac97fae03d25e5557d2b7e6efd4856e929788e9f956
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.teads.tv/track?action=pageView&env=js-web&tag_version=6.7.0_8ae4570&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&user_session_id=e161c490-1055-4588-b018-2e98a5005de7
23.38.201.50200 OK 23 B URL HTTP/2 t.teads.tv/track?action=pageView&env=js-web&tag_version=6.7.0_8ae4570&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&user_session_id=e161c490-1055-4588-b018-2e98a5005de7
IP 23.38.201.50:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /track?action=pageView&env=js-web&tag_version=6.7.0_8ae4570&buyer_pixel_id=5995&referer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&user_session_id=e161c490-1055-4588-b018-2e98a5005de7 HTTP/1.1
Host: t.teads.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 23
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 20 Oct 2022 16:22:36 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&rl=&if=false&ts=1666282966962&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666282966961.641817933&it=1666282966741&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&rl=&if=false&ts=1666282966962&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666282966961.641817933&it=1666282966741&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=499108531775714&ev=PageView&dl=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&rl=&if=false&ts=1666282966962&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666282966961.641817933&it=1666282966741&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 20 Oct 2022 16:22:36 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fdbedab751064ebc5e65ee871c166d
66093c28406733f11bc80247aa669acae6fca850
c3e7afff876beb618a3e39747e85bb68f93284e83e48d705a451568e55bb44c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pxl.jivox.com/tags/re/pxrc.php?px=0603424bd9904a&ret=img&cData=Universal_Page_View&us_privacy=true
18.207.40.242200 OK 43 B URL HTTP/2 pxl.jivox.com/tags/re/pxrc.php?px=0603424bd9904a&ret=img&cData=Universal_Page_View&us_privacy=true
IP 18.207.40.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tags/re/pxrc.php?px=0603424bd9904a&ret=img&cData=Universal_Page_View&us_privacy=true HTTP/1.1
Host: pxl.jivox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-headers: content-type
set-cookie: jvxsync=tkOZtjOIOH4m; Path=/; Domain=.jivox.com; Expires=Wed, 18-Jan-2023 16:22:36 GMT; Max-Age=7776000; Secure; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Jetty(9.4.39.v20210325)
X-Firefox-Spdy: h2
20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&pf=&ra=8819289805552707
193.0.160.129200 OK 2.7 kB URL HTTP/1.1 20839218p.rfihub.com/ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&pf=&ra=8819289805552707
IP 193.0.160.129:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2675), with no line terminators
Hash 9b59144b6a9f7e9d5bb76bb6e9b725f7
dc08786369a054f5b47256c3e241fc63505b6eae
46d7069a30b6b8143489a68d2aaaed01ba1a257a2075232ac3324e482dd2ee7d
GET /ca.html?ver=9&rb=46121&ca=20839218&cust1=https%3A%2F%2Fwww.regions.com%2F&pe=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&pf=&ra=8819289805552707 HTTP/1.1
Host: 20839218p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_5vFyGtoZmZmZGFkaWpmaGS8Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPei8RcJo_IfofEBI9aTYSABAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjEzMzE2N7MwNBXiM9T1yfUIcXP3SPJJNC4CAGQ3BRUlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjEzMzE2N7MwNBXiM9T1yfUIcXP3SPJJNC4CAGQ3BRUlAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2675
Server: Jetty(9.3.29.v20201019)
www.google.no/pagead/1p-user-list/959581806/?random=1666282966807&cv=9&fst=1666281600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2558974215&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/959581806/?random=1666282966807&cv=9&fst=1666281600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2558974215&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/959581806/?random=1666282966807&cv=9&fst=1666281600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2558974215&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1013536406/?random=1666282966799&cv=9&fst=1666282966799&num=1&label=F0kQCIWIgqYBEJatpeMD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&ig=0&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&auid=2058968192.1666282966>m_ee=1&hn=www.google.com&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3f290cedd01b4a81b6a04cc063ffae78
bee7247a8fe4989960ee73053fd70ac45859b066
9a334b44fbaf8c430e23d564b2ccc751f1313d60bfe545b49ab4f56cf8d9323d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1208
Cache-Control: max-age=144646
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6351031a-1d7"
Expires: Sat, 22 Oct 2022 08:33:22 GMT
Last-Modified: Thu, 20 Oct 2022 08:13:14 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/
216.58.207.226200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/
IP 216.58.207.226:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=9100576;type=pv;cat=regio0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?247376183501.1501&~oref=https://www.regions.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1013536406/?random=1666282966794&cv=9&fst=1666281600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2951668289&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1013536406/?random=1666282966794&cv=9&fst=1666281600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2951668289&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1013536406/?random=1666282966794&cv=9&fst=1666281600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaah0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&tiba=Southaven%20Mortgage%20Lender%20%7C%20Jerri%20Chamberlin%20%7C%20Regions&async=1&fmt=3&is_vtc=1&random=2951668289&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 16:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pxl.jivox.com/tags/conv/pxre.php?px=26019adec57560&us_privacy=true
18.207.40.242200 OK 43 B URL HTTP/2 pxl.jivox.com/tags/conv/pxre.php?px=26019adec57560&us_privacy=true
IP 18.207.40.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tags/conv/pxre.php?px=26019adec57560&us_privacy=true HTTP/1.1
Host: pxl.jivox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
server: Jetty(9.4.39.v20210325)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
13.107.42.14200 OK 65 B URL HTTP/2 px.ads.linkedin.com/collect?pid=681506&fmt=gif&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe
GET /collect?pid=681506&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&84c74246-0bf9-4dd9-82c2-8db4c4963e5a"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 20-Oct-2023 16:22:36 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2411:u=1:x=1:i=1666282956:t=1666369356:v=2:sig=AQFt7_Ece_pqyp2Bv3O0blvnkgxlF64N"; Expires=Fri, 21 Oct 2022 16:22:36 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXrebux5ym6aqqGq9dnTA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4D371810CB774850ACF068E1161D56E1 Ref B: OSL30EDGE0515 Ref C: 2022-10-20T16:22:36Z
date: Thu, 20 Oct 2022 16:22:35 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fdbedab751064ebc5e65ee871c166d
66093c28406733f11bc80247aa669acae6fca850
c3e7afff876beb618a3e39747e85bb68f93284e83e48d705a451568e55bb44c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOGQwZTMzODgtZGMxZS00ZTZmLTk3MjMtNGI5YmNiYmI5NzRlOjE2NjYyODI5NTUuMzMzNjAyIn19&site_id=regions-bank
52.45.201.131200 OK 146 B URL HTTP/1.1 people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOGQwZTMzODgtZGMxZS00ZTZmLTk3MjMtNGI5YmNiYmI5NzRlOjE2NjYyODI5NTUuMzMzNjAyIn19&site_id=regions-bank
IP 52.45.201.131:0
File type JSON data\012- , ASCII text
Hash f908b97bd39aaa923059a72db98f5296
f0d8585fec90af83967e774493aa28a29c07cdc3
1513da614267b266ffd60d786f6af94d863a4fe29cdbb8895b713ff0f5e5d11b
GET /identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiOGQwZTMzODgtZGMxZS00ZTZmLTk3MjMtNGI5YmNiYmI5NzRlOjE2NjYyODI5NTUuMzMzNjAyIn19&site_id=regions-bank HTTP/1.1
Host: people.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Type: application/json
Date: Thu, 20 Oct 2022 16:22:36 GMT
Server: nginx
Content-Length: 146
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aabc73f979f7f32b714be48fae04ebab
4ab63460eed61aa33b73c40142cebc5e73f602f1
93286a433b4d30e4bb2a8b826783401aed70360fa473556abe17ff479f813b4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6119
Cache-Control: max-age=157834
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6351236f-1d7"
Expires: Sat, 22 Oct 2022 12:13:10 GMT
Last-Modified: Thu, 20 Oct 2022 10:31:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.regions.com/-/media/js/mp_linkcode.js
205.255.47.100200 OK 681 B URL HTTP/1.1 www.regions.com/-/media/js/mp_linkcode.js
IP 205.255.47.100:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 662fd21e25a8269185df8c993bfd251d
4da619e51fa6a54e5ffcdd7d826c1e5550a67840
f9465098d4cfa9edb9fed28c3eceb6bd3251c3fb011e86d1fa8f27bf1a680ceb
GET /-/media/js/mp_linkcode.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False; Regions_SessionId=ca407399-8503-4aa0-81ec-4844edf58d84; _gcl_au=1.1.2058968192.1666282966; btIdentify=59eb0ca8-b677-479c-a563-86194fa289a3; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=76eafaee-46f6-4436-f4e3-aee709182627; _uetsid=6ebf6b00509311ed8fc0fff3f600a4cd; _uetvid=6ebf63c0509311eda73b3359668e5d84; __qca=P0-2082689654-1666282966776; tfpsi=e161c490-1055-4588-b018-2e98a5005de7; _fbp=fb.1.1666282966961.641817933
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520864
Date: Fri, 14 Oct 2022 15:41:31 GMT
Cache-Control: max-age= 604743,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 32fbff40b5ed4dcfb4de06b0179c338b
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="mp_linkcode.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 681
Strict-Transport-Security: max-age=157680000
www.regions.com/-/media/js/oo_engine.js
205.255.47.100200 OK 15 kB URL HTTP/1.1 www.regions.com/-/media/js/oo_engine.js
IP 205.255.47.100:0
Hash 54216df51ccc54b91647f46e6324a5d1
35cf90a9b3fe6579456b237653cd652dd86fc347
7e268465893e047076cb3331536cd5762cebc6f6e96a5d17a7c16165fda220d0
GET /-/media/js/oo_engine.js HTTP/1.1
Host: www.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/locator/mlo/mortgage-loan-officer-jerri-chamberlin-southaven
Cookie: NSC_SED-XXX.SFHJPOT.DPN-9.3-80_mc=ffffffff09af2e0a45525d5f4f58455e445a4a423660; ASP.NET_SessionId=tdknfj3ibpz2jwmjft1g23wc; SC_ANALYTICS_GLOBAL_COOKIE=24a3031b43dd486fb02c84c86906daa9|False; Regions_SessionId=ca407399-8503-4aa0-81ec-4844edf58d84; _gcl_au=1.1.2058968192.1666282966; btIdentify=59eb0ca8-b677-479c-a563-86194fa289a3; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=76eafaee-46f6-4436-f4e3-aee709182627; _uetsid=6ebf6b00509311ed8fc0fff3f600a4cd; _uetvid=6ebf63c0509311eda73b3359668e5d84; __qca=P0-2082689654-1666282966776; tfpsi=e161c490-1055-4588-b018-2e98a5005de7; _fbp=fb.1.1666282966961.641817933
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Age: 520864
Date: Fri, 14 Oct 2022 15:41:31 GMT
Cache-Control: max-age= 596298,public
Connection: Keep-Alive
Via: NS-CACHE:
ETag: 6bf959c8100849ea8da66ecf3fc7ab49
Content-Type: application/x-javascript
Content-Encoding: br
Last-Modified: Thu, 25 Aug 2016 21:09:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Disposition: inline; filename="oo_engine.js"
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
Content-Length: 15048
Strict-Transport-Security: max-age=157680000
ib.adnxs.com/setuid?entity=18&code=5109685624664376815
37.252.173.38307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5109685624664376815
IP 37.252.173.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5109685624664376815 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685624664376815
AN-X-Request-Uuid: c0955d7d-b883-4979-9975-26b66765ac4c
Set-Cookie: uuid2=3891964752417707731; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 18-Jan-2023 16:22:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685624664376815&redir=
34.249.106.217302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685624664376815&redir=
IP 34.249.106.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5109685624664376815&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-06a78a427.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685624664376815&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=04526309159447611540160164333565038384; Max-Age=15552000; Expires=Tue, 18 Apr 2023 16:22:36 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: a3s9oPOkRUk=
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d64b80748b3f4de91c927bf24d428e51
28bcdadb72fe86e4635eaefe394167acb9696e03
741308620b9a47da089ae9e6161616e5443ee54f2aa317638686f931e4760ad8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143059
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6351019f-1d7"
Expires: Sat, 22 Oct 2022 08:06:55 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:55 GMT
Server: nginx
Content-Length: 471
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685624664376815&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven
143.204.55.106302 Found 657 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685624664376815&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (571)
Hash f250dc8a0a4738557bc6adc2ed4c9fd4
20172703e6d2008020869e6dd2dea982af367ced
5b911a682984ec1677c99d435b04048cdc2d3a2591e39667df9d7d0de7b8beaf
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685624664376815&referrer=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Cookie: zync-uuid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e:1666282955.333602; sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiOGQwZTMzODgtZGMxZS00ZTZmLTk3MjMtNGI5YmNiYmI5NzRlOjE2NjYyODI5NTUuMzMzNjAyIn0.Y1F1yw.1N42hH_MXW9WU9bMc3O4807bDZk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 657
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%253A1666282955.333602
date: Thu, 20 Oct 2022 16:22:36 GMT
set-cookie: zync-uuid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e:1666282955.333602; Domain=rezync.com; Expires=Tue, 18 Apr 2023 16:22:36 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNykEOgyAQAMC_7FkaYGFZ-IwR2CaklTZiLzX-XY-TzAHzV7Z16dJ3SPv2kwnKu90akA4Y7b_KCxJ4oyOxJ-uIHAZi4-GcYMgY7dPnVu_DVQsis6rFiHJCTxWDReVyzCXnHIOTZIjIso3ePxCRtIXzApxkJeM.Y1F1zA.AP-hxn2zUF6ba_jZVRm1cb__Wr4; Expires=Tue, 18 Apr 2023 16:22:36 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: da56l03Zq738FEz3h1VqP2dOdE9Pex1J6c2fRRfhBLwOj-LVSv2ovg==
X-Firefox-Spdy: h2
smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1666282967040
13.36.218.177200 OK 48 B URL HTTP/2 smetrics.regions.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1666282967040
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 21dc371995ed36dd4694b66b26fba682
226649bb23ee2385a6e944ba6437353866a8c300
b5a67c730d1b6debd64fa397ff7747671d1bdb1d4da64d668f45a82381f060ba
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&ts=1666282967040 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _gcl_au=1.1.2058968192.1666282966; btIdentify=59eb0ca8-b677-479c-a563-86194fa289a3; _bti=%7B%22bsin%22%3A%22%22%7D; _bts=76eafaee-46f6-4436-f4e3-aee709182627; _uetsid=6ebf6b00509311ed8fc0fff3f600a4cd; _uetvid=6ebf63c0509311eda73b3359668e5d84; __qca=P0-2082689654-1666282966776; tfpsi=e161c490-1055-4588-b018-2e98a5005de7; _fbp=fb.1.1666282966961.641817933
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: https://www.regions.com
access-control-allow-credentials: true
date: Thu, 20 Oct 2022 16:22:36 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=0%7CMCMID%7C03809217377307367124420284911719933700; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Sat, 19 Oct 2024 16:22:22 GMT;
s_ecid=MCMID%7C03809217377307367124420284911719933700; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Sat, 19 Oct 2024 16:22:22 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685624664376815
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685624664376815
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5109685624664376815 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3092845563580293000V10; Expires=Fri, 20 Oct 2023 16:22:36 GMT; domain=.media.net; Path=/;
data-rk=5109685624664376815~~3;Expires=Thu, 19 Oct 2023 16:22:36 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Thu, 20 Oct 2022 16:22:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 16:22:36 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685624664376815
37.252.173.38200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685624664376815
IP 37.252.173.38:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685624664376815 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5978b617-c44d-4a15-9ed8-29d647ebf8b8
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2C%uLQ>Kb!@wnfH8KAM.xpH^Gmi[pFpGilEs8DdEs$VtErtD(I=CnDAdsb_!AXTO:4=sB!$v'6?zhrz; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 18-Jan-2023 16:22:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd99ae96a1d9cfb9bffb833a29992944
8be8165013e27a26546815fa171b5837148dd410
a99155b839456fbda7db1c86dc8e8db346ec0579199bafff725ae5dc2f4d84ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2884
Cache-Control: max-age=117144
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "63509120-1d7"
Expires: Sat, 22 Oct 2022 00:55:00 GMT
Last-Modified: Thu, 20 Oct 2022 00:06:56 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685624664376815
23.38.201.22200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685624664376815
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5109685624664376815 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Thu, 20 Oct 2022 16:22:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 20 Oct 2022 16:22:36 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c24b97beee320f5bfdcdbfbfaf1f8a7f
543cc15be43cebcc5fda267df2ca8708bb38008f
25992571d9b3bc2a76d038e801c34b868c9a5b2bbb04ceaafeedc00c49d21dd2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137375
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6350dfcb-1d7"
Expires: Sat, 22 Oct 2022 06:32:11 GMT
Last-Modified: Thu, 20 Oct 2022 05:42:35 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3Yhw6OTsd188LyqQbNJ0oZAqEChEJ-cJ4yvIKInw06QsC2vu48dYSQ==
Age: 2976
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685624664376815&redir=
34.249.106.217200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685624664376815&redir=
IP 34.249.106.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685624664376815&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v044-08580ef78.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: NGRuBmq0RNE=
Content-Length: 59
Connection: keep-alive
pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685624664376815&
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5109685624664376815&
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=13490&nid=2596&put=5109685624664376815& HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
Content-Type: image/gif
p.rfihub.com/cm?pub=24472&in=1
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 16:22:36 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_7vFwmtoZmZmZGFkaWpmZmIIAFmtFgkQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrI0MrUwM7c0NBfiM9QNigoNiDQ38PMzDXEBAL9-3XIlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrI0MrUwM7c0NBfiM9QNigoNiDQ38PMzDXEBAL9-3XIlAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5131077722925867917&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e4ec060e40a017e905d37ff0d4dc6f59
69d50e027afb70c7eecb2e08453fc90d5588fcc9
89aeba99b586d4383c1984889fdfd23d36551bf9bd10d765d306e31a5045cc61
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4648
Cache-Control: max-age=115672
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6350847c-1d7"
Expires: Sat, 22 Oct 2022 00:30:28 GMT
Last-Modified: Wed, 19 Oct 2022 23:13:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b6378221a0a35478828f1031f9307888
8828c54afe26cc0f41e5799a5b63f888021f9b52
2e609852e391e799467b273399c1264e31adc2f7dac2caf2313811f08ba3541e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 13:42:56 GMT
Expires: Wed, 26 Oct 2022 13:42:55 GMT
Etag: "8828c54afe26cc0f41e5799a5b63f888021f9b52"
Cache-Control: max-age=508218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317de0bdfb503-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 91cf7126078c0a508fd0a1394767e4d3
0a93a018f194a03ec7a9ff3f4fdba14fdbacf468
585cfc24d6fa1758ac758640235696ac18697db3d52efeb2d9af9c46152ab17c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106895
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "63506f5d-1d7"
Expires: Fri, 21 Oct 2022 22:04:11 GMT
Last-Modified: Wed, 19 Oct 2022 21:42:53 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oxhcLXqAwgpXaUr3gzPlULlm1hn-56eyNfNt95Gc0RcphIH7ZwbiBw==
Age: 1278
bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
35.156.94.146200 OK 0 B URL HTTP/2 bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
IP 35.156.94.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-length: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 490d3a149fd1cbfec379ced137710747
9bbbf10b80cef3342a2ddbaf31a4afbbae2f1e2d
b6fe4b22769cf48e95f1823b1bd656e6978ef4f9e9be77a902eae462621b3a82
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=133623
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6350cc45-1d7"
Expires: Sat, 22 Oct 2022 05:29:39 GMT
Last-Modified: Thu, 20 Oct 2022 04:19:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
p.rfihub.com/cm?pub=39342&in=0&userid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%253A1666282955.333602
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%253A1666282955.333602
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%253A1666282955.333602 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 16:22:36 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: euds=H4sIAAAAAAAA_wXBwRHAIAgEwE_aIaMcnmA5KCkklbv7P_TTCnCXs3uJFT-JqRDLyJ2ZMa1WJ6muMcYLgE0v3zyM8jkAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_z3IsRWAIAwFwAmsmCM-yIdP4jiBOJCl09p55T2FtmsCZrJXS-nJW3wqpIfHigifPa9GUk19jBMAq77l-I-c-ACYfYUdSQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrI0MrUwM7c0shDiM9QtDsvMTgnUrbKM90sHAOvEWbUlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjQwNzc3MrI0MrUwM7c0shDiM9QtDsvMTgnUrbKM90sHAOvEWbUlAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685624664376815&img=1
185.94.180.126302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685624664376815&img=1
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5109685624664376815&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=68c85a9e-5093-11ed-aa91-1bf9ad920306; expires=Thu, 17-Nov-2022 16:22:36 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5109685624664376815&img=1&__user_check__=1&sync_id=68c85ad8-5093-11ed-aa91-1bf9ad920306
X-fe: 138
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 22495c1f857164f9b7c2279128451a9b
db34fd5012dd547b6aa82b2e6b36a71b58eb45f7
e969690639e381b60b7a39131e9809f4998e9f1f1c43082f738904b32b71c795
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 20 Oct 2022 00:22:18 GMT
Expires: Fri, 21 Oct 2022 00:22:18 GMT
ETag: "db34fd5012dd547b6aa82b2e6b36a71b58eb45f7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=03809217377307367124420284911719933700&ts=1666282967501
34.249.106.217200 OK 1.3 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=03809217377307367124420284911719933700&ts=1666282967501
IP 34.249.106.217:0
File type JSON data\012- , ASCII text, with very long lines (3729), with no line terminators
Hash 54cad33fb34ee8e41ed72c25a12b47f2
f74155b6b81a398d7b805fd055786cc395799f05
aae83b13101aab23b737586efbefaf7fea091e2256230126861bd988bb710fb2
GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&d_nsid=0&d_mid=03809217377307367124420284911719933700&ts=1666282967501 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.regions.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v044-0b6db8e1c.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=09561686662402872693843173219005835113; Max-Age=15552000; Expires=Tue, 18 Apr 2023 16:22:36 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: B6S7DCqJT/Q=
Content-Length: 1275
Connection: keep-alive
idsync.rlcdn.com/360947.gif?partner_uid=5109685624664376815
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5109685624664376815
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5109685624664376815 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=CDDWDJ9NBTa2GBE076DD2VbXO8Rkm5drV6k9qRA8XdU=; Path=/; Domain=rlcdn.com; Expires=Fri, 20 Oct 2023 16:22:36 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Mon, 19 Dec 2022 16:22:36 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Thu, 20 Oct 2022 16:22:36 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f9c1cae9390f4faa2bbbcdc4feee49a1
22ba4d182eac1eaf09560b19f59a13ca49211533
926d9afec1ef4f63e1c7671ce4926f2fd45f65dbd7db4478442771c5c79588b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5989
Cache-Control: max-age=139677
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6350dd04-2d7"
Expires: Sat, 22 Oct 2022 07:10:33 GMT
Last-Modified: Thu, 20 Oct 2022 05:30:44 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 727
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward=
185.80.36.245302 Found 0 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward=
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 20 Oct 2022 16:22:36 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y1F1zI7KS19HJI3cUzyfFwAA; Path=/; Domain=casalemedia.com; Expires=Fri, 20 Oct 2023 16:22:36 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4357; Path=/; Domain=casalemedia.com; Expires=Wed, 18 Jan 2023 16:22:36 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4357; Path=/; Domain=casalemedia.com; Expires=Wed, 18 Jan 2023 16:22:36 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
idsync.rlcdn.com/501709.gif?partner_uid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=8d0e3388-dc1e-4e6f-9723-4b9bcbbb974e%3A1666282955.333602 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY4ZDBlMzM4OC1kYzFlLTRlNmYtOTcyMy00YjliY2JiYjk3NGU6MTY2NjI4Mjk1NS4zMzM2MDIQABoNCMzrxZoGEgUI6AcQAEIASgA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Mon, 19 Dec 2022 16:22:36 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Thu, 20 Oct 2022 16:22:36 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685624664376815
54.216.245.122204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685624664376815
IP 54.216.245.122:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5109685624664376815 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 20 Oct 2022 16:22:36 GMT
set-cookie: _kuid_=PJkb5USe; Expires=Tue, 18-Apr-23 16:22:36 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n012-dub-prod.krxd.net
x-request-time: D=34 t=1666282956
X-Firefox-Spdy: h2
bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%223fd4d2a0-595e-4ded-89c0-2a02b6a432a8%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%223fd4d2a0-595e-4ded-89c0-2a02b6a432a8%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2244911%22%2C%22sessionId%22%3A%223fd4d2a0-595e-4ded-89c0-2a02b6a432a8%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/plain
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track001-iad
date: Thu, 20 Oct 2022 16:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
151.101.86.49302 Found 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP 151.101.86.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~Y1F1zAAB1UnbHQAT; Path=/; Domain=.everesttech.net; Expires=Fri, 20-Oct-2023 16:22:36 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y1F1zAAB1UnbHQAT
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Thu, 20 Oct 2022 16:22:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666282957.661683,VS0,VE91
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685624664376815
34.252.144.191200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685624664376815
IP 34.252.144.191:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5109685624664376815 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
bttrack.com/engagement/getpixels?gid=44911
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/getpixels?gid=44911
IP 192.132.33.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engagement/getpixels?gid=44911 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track001-iad
date: Thu, 20 Oct 2022 16:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
193.0.160.129200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP 193.0.160.129:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_-NicjUO4jU0MzMzsjCyNDUzNzcCAM_gzkkTAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjG3BCIDI2NTIT5DXc-IHOdE3TC3guTgdAADW0_gJQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 14 Nov 2023 16:22:36 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjG3BCIDI2NTIT5DXc-IHOdE3TC3guTgdAADW0_gJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=8veivj&p=regions-prod-b&s=344&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjowLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAGAiLCJ0eXBbAPAPYmlsbGluZyIsInN0YXJ0IjoxNjY2MjgyOTY3MjUxZADAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISALBsaXN0IjpbXSwiaRYB8AA2NjYyODI5NjcyNTF9XX0
34.242.179.188204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=1202&i=8veivj&p=regions-prod-b&s=344&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjowLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAGAiLCJ0eXBbAPAPYmlsbGluZyIsInN0YXJ0IjoxNjY2MjgyOTY3MjUxZADAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISALBsaXN0IjpbXSwiaRYB8AA2NjYyODI5NjcyNTF9XX0
IP 34.242.179.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=0&c=1202&i=8veivj&p=regions-prod-b&s=344&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjowLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAGAiLCJ0eXBbAPAPYmlsbGluZyIsInN0YXJ0IjoxNjY2MjgyOTY3MjUxZADAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISALBsaXN0IjpbXSwiaRYB8AA2NjYyODI5NjcyNTF9XX0 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 16:22:36 GMT
expires: Thu, 20 Oct 2022 16:22:35 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 56395a1eef252e410e2b8c232ee9f12d
23296fb95dcf5d4329f4292159e842501561a658
bee81d3c83deff45525618425b5e4ceb714ccf29a3ad5ddd052e43a2c912093d
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 09:01:04 GMT
Expires: Wed, 26 Oct 2022 09:01:03 GMT
Etag: "23296fb95dcf5d4329f4292159e842501561a658"
Cache-Control: max-age=600641,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1649
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d317dfff3e0b45-OSL
sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685624664376815&img=1&__user_check__=1&sync_id=68c85ad8-5093-11ed-aa91-1bf9ad920306
185.94.180.126200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5109685624664376815&img=1&__user_check__=1&sync_id=68c85ad8-5093-11ed-aa91-1bf9ad920306
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5109685624664376815&img=1&__user_check__=1&sync_id=68c85ad8-5093-11ed-aa91-1bf9ad920306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=68da13fe-5093-11ed-9f00-1d21b9eb0406; expires=Thu, 17-Nov-2022 16:22:36 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 73
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9c4033a6ce01b19d489dd670be864cae
de33c17cc2c9ac700313d0a6eaff831d3c79d5bc
c7af312b72da60b19d9744436bb76ba5adc601879a3b46ac3db14cf707b9ecf2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87523
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "63502219-1d7"
Expires: Fri, 21 Oct 2022 16:41:19 GMT
Last-Modified: Wed, 19 Oct 2022 16:13:13 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9TGJ88eHt1xR0ikNXu_t-p0nNsf15U1QiMxVu6ufxTxORynJtoU_4g==
Age: 1686
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y1F1zAAB1UnbHQAT
151.101.86.49200 OK 85 B URL HTTP/2 sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y1F1zAAB1UnbHQAT
IP 151.101.86.49:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
GET /ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y1F1zAAB1UnbHQAT HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Thu, 20 Oct 2022 16:22:36 GMT
via: 1.1 varnish
age: 2836
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 4458
x-timer: S1666282957.804816,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b6378221a0a35478828f1031f9307888
8828c54afe26cc0f41e5799a5b63f888021f9b52
2e609852e391e799467b273399c1264e31adc2f7dac2caf2313811f08ba3541e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 13:42:56 GMT
Expires: Wed, 26 Oct 2022 13:42:55 GMT
Etag: "8828c54afe26cc0f41e5799a5b63f888021f9b52"
Cache-Control: max-age=508218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317dfcfd30b31-OSL
idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY4ZDBlMzM4OC1kYzFlLTRlNmYtOTcyMy00YjliY2JiYjk3NGU6MTY2NjI4Mjk1NS4zMzM2MDIQABoNCMzrxZoGEgUI6AcQAEIASgA
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJACjwIARAFGjY4ZDBlMzM4OC1kYzFlLTRlNmYtOTcyMy00YjliY2JiYjk3NGU6MTY2NjI4Mjk1NS4zMzM2MDIQABoNCMzrxZoGEgUI6AcQAEIASgA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJACjwIARAFGjY4ZDBlMzM4OC1kYzFlLTRlNmYtOTcyMy00YjliY2JiYjk3NGU6MTY2NjI4Mjk1NS4zMzM2MDIQABoNCMzrxZoGEgUI6AcQAEIASgA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CMzrxZoGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Mon, 19 Dec 2022 16:22:36 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Thu, 20 Oct 2022 16:22:36 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s52530845943041?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=20%2F9%2F2022%2016%3A22%3A47%204%200&d.&nsid=0&jsonv=1&.d&mid=03809217377307367124420284911719933700&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20jerri%20chamberlin%20southaven&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20jerri%20chamberlin%20southaven&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
13.36.218.177200 OK 3.7 kB URL HTTP/2 smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.22.3/s52530845943041?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=20%2F9%2F2022%2016%3A22%3A47%204%200&d.&nsid=0&jsonv=1&.d&mid=03809217377307367124420284911719933700&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20jerri%20chamberlin%20southaven&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20jerri%20chamberlin%20southaven&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type ASCII text, with very long lines (3685)
Hash 8ead38406d4cab1cbb2a0ad0275da79c
b13e849c74fdbe2cb7399f81543b9f559cca7263
843dcfe7568209a19dcfabe014439cbc3a60472167232830c596a07f1b3502d2
GET /b/ss/regionsbankprod/10/JS-2.22.3/s52530845943041?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=20%2F9%2F2022%2016%3A22%3A47%204%200&d.&nsid=0&jsonv=1&.d&mid=03809217377307367124420284911719933700&aamlh=6&ce=UTF-8&ns=regions&cdp=2&pageName=rdc%7Clocator%7Cmortgage%20loan%20officer%20jerri%20chamberlin%20southaven&g=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&c.&apl=4.0&getPreviousValue=3.0&getPercentPageViewed=5.0&manageVars=3.0&.c&cc=USD&ch=locator&server=www.regions.com&events=event1&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=D%3Dv1&v1=rdc&h1=D%3Dv1&c2=D%3Dv2&v2=mlo&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=mortgage%20loan%20officer%20jerri%20chamberlin%20southaven&c4=D%3Dg&v4=D%3Dg&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1280x939&c8=D%3Dv8&c9=D%3Dv9&v9=%7C&v10=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&v12=D%3Dmid&v18=anonymous&c19=D%3DpageName&c23=D%3Dv10&v68=22.3.2%7C2.22.3%7C4.4.0%7C20220801&c75=D%3Dv68&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetrics.regions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Cookie: _gcl_au=1.1.2058968192.1666282966; btIdentify=59eb0ca8-b677-479c-a563-86194fa289a3; _bti=%7B%22app_id%22%3A%22regions-bank%22%2C%22bsin%22%3A%22E74srKSol%2FfAlana9OoIJNdSXE0Xa7V44F3xer%2B9w5GXI5Ho%2FA9IuHwGLuFVD61p3bAHmkDPUhWsv2yL5x50Iw%3D%3D%22%2C%22is_identified%22%3Afalse%7D; _bts=76eafaee-46f6-4436-f4e3-aee709182627; _uetsid=6ebf6b00509311ed8fc0fff3f600a4cd; _uetvid=6ebf63c0509311eda73b3359668e5d84; __qca=P0-2082689654-1666282966776; tfpsi=e161c490-1055-4588-b018-2e98a5005de7; _fbp=fb.1.1666282966961.641817933; AMCV_DB9639725BD2FC5B0A495C65%40AdobeOrg=1585540135%7CMCMID%7C03809217377307367124420284911719933700%7CMCAID%7CNONE%7CMCOPTOUT-1666290167s%7CNONE%7CMCAAMLH-1666887767%7C6%7CMCAAMB-1666887767%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C4.4.0; s_ecid=MCMID%7C03809217377307367124420284911719933700; AMCVS_DB9639725BD2FC5B0A495C65%40AdobeOrg=1; s_lang=en; gpv_pn=rdc%7Clocator%7Cmortgage%20loan%20officer%20jerri%20chamberlin%20southaven; s_ips=939; s_tp=2785; s_ppv=rdc%257Clocator%257Cmortgage%2520loan%2520officer%2520jerri%2520chamberlin%2520southaven%2C34%2C34%2C939%2C1%2C2; s_cc=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 20 Oct 2022 16:22:36 GMT
expires: Wed, 19 Oct 2022 16:22:36 GMT
last-modified: Fri, 21 Oct 2022 16:22:36 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C03809217377307367124420284911719933700; Path=/; Domain=regions.com; Max-Age=63072000; Expires=Sat, 19 Oct 2024 16:22:22 GMT;
etag: 3578315402110992384-4619843585754527733
vary: *
dcs: dcs-prod-irl1-2-v044-066fbe967.edge-irl1.demdex.com 4 ms
x-aam-tid: odnt3iK2Q/k=
content-type: application/x-javascript;charset=utf-8
content-length: 3686
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a91a539a99bcec316d188e892b45b1dc
21b974f63c55f52935e2f838a649ea8291e38344
e120ad6962d8e3812917a5f8a287396a8dfac369d2c73515d2ac2f4b1f2fe49e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1220
Cache-Control: max-age=144662
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6351031e-117"
Expires: Sat, 22 Oct 2022 08:33:38 GMT
Last-Modified: Thu, 20 Oct 2022 08:13:18 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
bpi.rtactivate.com/tag/?id=11017&user_id=5109685624664376815
34.232.208.82200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5109685624664376815
IP 34.232.208.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5109685624664376815 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward=&C=1
185.80.36.245200 OK 43 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward=&C=1
IP 185.80.36.245:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5109685624664376815&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
ps.eyeota.net/match?uid=5131077722925867917&bid=omt9pi0
3.125.70.222200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5131077722925867917&bid=omt9pi0
IP 3.125.70.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5131077722925867917&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20839218p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=24465~DM; Domain=eyeota.net; Path=/; Expires=Thu, 20 Oct 2022 16:32:36 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Thu, 20 Oct 2022 16:22:36 GMT
regions.demdex.net/dest5.html?d_nsid=undefined
52.211.12.99200 OK 2.8 kB URL HTTP/1.1 regions.demdex.net/dest5.html?d_nsid=undefined
IP 52.211.12.99:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=undefined HTTP/1.1
Host: regions.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 20 Oct 2022 16:22:36 GMT
DCS: dcs-prod-irl1-2-v044-0b90976ca.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 17 Oct 2022 12:31:01 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: +vxUtdI5RTk=
transfer-encoding: chunked
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 6d00604fba3d8fac6a1ed8a1353d646b
4c22ca26d376923ee0025d69048f675cc63e6628
058a88cbf2709153c9bb6183ee05e6e98b242b0973e0d7113f7c9d842485ec1c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 13:56:49 GMT
Expires: Tue, 25 Oct 2022 13:56:48 GMT
Etag: "4c22ca26d376923ee0025d69048f675cc63e6628"
Cache-Control: max-age=422651,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317dfadcbb503-OSL
x.bidswitch.net/sync?dsp_id=119&user_id=5109685624664376815&expires=30
3.120.143.86302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=119&user_id=5109685624664376815&expires=30
IP 3.120.143.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=119&user_id=5109685624664376815&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 20 Oct 2022 16:22:36 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5109685624664376815&expires=30
Set-Cookie: tuuid=b82da1cb-3d0b-4e00-8064-af572604a1d9; path=/; expires=Fri, 20-Oct-2023 16:22:36 GMT; domain=.bidswitch.net; samesite=none; secure
c=1666282956; path=/; expires=Fri, 20-Oct-2023 16:22:36 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1666282956; path=/; expires=Fri, 20-Oct-2023 16:22:36 GMT; domain=.bidswitch.net; samesite=none; secure
c=1666282956; path=/; expires=Fri, 20-Oct-2023 16:22:36 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7d16cec068047bd398f3f99bf4eec70a
f8e4195ee77fdfed4e25c8cdfab42382a00e2936
ac6091a27b1a6a003fcba451523b954499a49b8a737ecf046237ec2420ac72c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138388
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 16:22:36 GMT
Etag: "6350ef60-1d7"
Expires: Sat, 22 Oct 2022 06:49:05 GMT
Last-Modified: Thu, 20 Oct 2022 06:49:04 GMT
Server: nginx
Content-Length: 471
siteintercept.qualtrics.com/dxjsmodule/1.abd4c1d883bf4b225b59.chunk.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 6.7 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.abd4c1d883bf4b225b59.chunk.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
File type ASCII text, with very long lines (28783), with no line terminators
Hash b320b0f50e076003054e6a88c0c5ad4a
8d01a081acbbd865a8e4ecf9a7e2d2c9b0bbce86
acf51e16abce5a31cf47151c6e8c8c452344309aab67f98659239bb13240cf0f
GET /dxjsmodule/1.abd4c1d883bf4b225b59.chunk.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/javascript
cf-ray: 75d317e04cebb51d-OSL
access-control-allow-origin: *
age: 214907
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"7380-183c2d70130"
last-modified: Mon, 10 Oct 2022 17:00:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29568
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1527eb19257254f70ce0e184c87adc02
5627da3e828bbc9d74d670516857c057952e07fa
4381685e26dabf253e70e5a706d3ac45d5b0188c9eb046adeb380048edc38796
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 03:43:28 GMT
Expires: Wed, 26 Oct 2022 03:43:27 GMT
Etag: "5627da3e828bbc9d74d670516857c057952e07fa"
Cache-Control: max-age=472250,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317e0483c0b31-OSL
lptag.liveperson.net/tag/tag.js?site=60208595
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=60208595
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=60208595 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
events.api.boomtrain.com/event/track
52.45.50.76200 OK 2 B URL HTTP/2 events.api.boomtrain.com/event/track
IP 52.45.50.76:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /event/track HTTP/1.1
Host: events.api.boomtrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 567
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-length: 2
server: nginx
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
access-control-allow-methods: GET, PUT, POST, DELETE
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7474252ab37b74254783bf3591e536ed
7f8df398a3956882a510a20a0142c9ad85582d64
fba1cf2d22d24fcd5b852bf84ad9fc3c12d81144747adb145b1b8fcfb7a38ea9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161959
Date: Thu, 20 Oct 2022 16:22:37 GMT
Etag: "6351468a-1d7"
Expires: Sat, 22 Oct 2022 13:21:56 GMT
Last-Modified: Thu, 20 Oct 2022 13:00:58 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pGDfVrEt0_C4fLpOGokZFw9NXLQTA-SXhyAuhYYUgQC9CbeSu-sArA==
Age: 1258
cm.everesttech.net/cm/dd?d_uuid=09561686662402872693843173219005835113
34.248.32.199302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=09561686662402872693843173219005835113
IP 34.248.32.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=09561686662402872693843173219005835113 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Thu, 20 Oct 2022 16:22:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y1F1zQAAAIjrFQN-; Domain=.everesttech.net; Expires=Fri, 20-Oct-2023 16:22:37 GMT; Path=/
everest_session_v2=Y1F1zQAAAIjrFgN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F1zQAAAIjrFQN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F1zQAAAIjrFQN-
34.249.106.217302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F1zQAAAIjrFQN-
IP 34.249.106.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y1F1zQAAAIjrFQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0460362a2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1F1zQAAAIjrFQN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=18857534090638318573944921093667914315; Max-Age=15552000; Expires=Tue, 18 Apr 2023 16:22:37 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Rsl0HLZLQ60=
Content-Length: 0
Connection: keep-alive
siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web
104.17.208.240200 OK 2.3 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
File type JSON data\012- , ASCII text, with very long lines (349), with no line terminators
Hash ee7f3fa9c51a9679f565acc909de8c05
eb21fcbdadf5f2e096c7c52eda44147588ac9532
e32724f0fb2de9bf980899ca9ce200c3fdfd135169520f46488180575ef744eb
GET /WRSiteInterceptEngine/Asset.php?Module=CR_d6XJAZtXw3FDrIp&Version=9&Q_InterceptID=SI_9ZSfygjz9UlZlBP&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/json
cf-ray: 75d317e12dd2b51d-OSL
access-control-allow-origin: *
age: 347854
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
expires: Sun, 10 Oct 2032 05:43:04 GMT
last-modified: Thu, 13 Oct 2022 05:43:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: false
edge-control: max-age=604800
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
servershortname:
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven
44.197.47.122200 OK 1.9 kB URL HTTP/2 regionsbank.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven
IP 44.197.47.122:0
Hash 0af8ae84d859e575fae96f0aade7430b
df64770982744a5d276224305838972ccbe59126
0d67af3d289c41583c52cb7e8af596fd8195ed9438108fe0267d052e4debd192
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: text/html
accept-ranges: bytes
etag: W/"2762-1664222686000"
last-modified: Mon, 26 Sep 2022 20:04:46 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=1202&i=8veivj&p=regions-prod-b&s=16286&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPMqaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL3ZpZXd0aHJvdWdoY29uBwH7Gy8xMDEzNTM2NDA2Lz9yYW5kb209MTY2NjI4Mjk2Njc5NCZjdj05JmZzdBcAoW51bT0xJmJnPWYBAPEAJmd1aWQ9T04mcmVzcD1HjgDwEW1LVHliUWhDc08mdV9oPTEwMjQmdV93PTEyODAmdV9hEwAgMDIKAAUUADFjZD0lALBoaXM9MSZ1X3R6PSsA8QNqYXZhPWZhbHNlJnVfbnBsdWcXAPANbm1pbWU9MCZndG09Mm9hYWgwJnNlbmRiPTEmaSIA8A1kYXRhPWV2ZW50JTNEZ3RhZy5jb25maWcmZnJtQQAxcmw9QAHTJTNBJTJGJTJGd3d3LtwB8AUuY29tJTJGbG9jYXRvciUyRm1sbwYA9CdvcnRnYWdlLWxvYW4tb2ZmaWNlci1qZXJyaS1jaGFtYmVybGluLXNvdXRoYXZlbiZ0aWJhPVMPAEMlMjBNQgDwBCUyMExlbmRlciUyMCU3QyUyMEpGAEUlMjBDSAAFGwADEwIgJmFmAbYyMDU4OTY4MTkyLqsBQCZobj2_AAIJAgC-APABJmFzeW5jPTEmcmZtdD0zJgYAcDQiLCJ0eXCLAtBzY3JpcHQiLCJzdGFypQIH9gEQOJMCAPwCBRQAoDk0Niwic291cmM8ALJhcHBlbmRDaGlsZEEAkHR1cyI6ImxvYRAAYHJlYXNvbq4CMF0sIoQBZFBhdHRlchIAsmxpc3QiOltdLCJpYwDPNzQzNTEzMTA4NX0s4AL__1M_ODA04AIMMW11dGEFEk-vBS9yQeYCOC85MeYC__9XHzXmAhwvQ0znAjkfMucCBwCoBoBmYWNlYm9va6oGsC90ci8_aWQ9NDk5Bgb_BzMxNzc1NzE0JmV2PVBhZ2VWaWV3JmSsB1Bjcmw9JmlmaQgndHPyCFM5NjImc6YIEHO4CPcYMjQmdj0yLjkuODcmcj1zdGFibGUmZWM9MCZvPTMwJmZicD1mYi4xoQf5ADk2MS42NDE4MTc5MzMmaVAJYzQxJmNvb3kAdnJxbT1HRVSqBzJpbWeZAQqnBz45NjLhAQAUAAWnB_ADaW1nX0RPTUF0dHJNb2RpZmllnwcyc3RhrwdRYWxsb3cTAA-yBx2fNTg3Mzk4MTM05QEIhWNvbm5lY3Qu6QEAiwqCc2lnbmFscy-ICRsv8QEdP1MBBgUBD68ICC80MwgBABczrwiwaW5zZXJ0QmVmb3J7CwUBAQ-wCCWfNzQ4MzA0MTkw4wIHD_4AWA_NBgAYNv4AD80GQgQDAQ_NBggPAwFYD-oEAA8DAQoP6gQzBAQBDwUDCADqBAaSCwSKDYAxcC11c2VyLQoLjy85NTk1ODE4gA0CPDgwN4ANMDE2MAEAHyaADQUPag1eAOELD2UNvAM4DQAxDXEzJmlzX3Z0Rw0CHg-vMjU1ODk3NDIxNewOBPYAcm10X3RsZD0wJmlwcj15wwQPyAUFHzfIBQAAFAAPyAVPrzYzMTI2MDU2NjTKBAcHwwIvbm_CAv_cHzHCAhYPggcAGDeEBg-KCEavNjI4MDg4MjE0OMICBwKBBQ8cEyAPmwUcADITALIFD5sFBQ8bE_-xPjgwOWwKJzc0bAoPGxM7rzY0ODQwNzM2NDbfAv__VS8xMN8CDAxNDA9KCzIF5gIfN-YCQA_hGAwcOWELAMYFMzc5OWELAgQK_wtsYWJlbD1GMGtRQ0lXSWdxWUJFSmF0cGVNRAIZmQb2GQ8BGcKPZ3RtX2VlPTEKGQCSZ2NwPTEmY3RfdhukX3ByZXNlbnQ9MSQZD6ULDi84MGQOACc3NfkFDBoDDzQWMwBtDD8yMzmgCxM_Y29toQsCDwMDDA3kGw9kDv9wnzk1MTY2ODI4OWQONR80vwIAGDiiCw-_AkGfODA2MDAzMzk3nQsIB18OD78CBQ-HCxwPvgL_cAC1BA8iETsN5BQ4NzAydgsPvgJBBR0RD3wLCPEDc3AuYW5hbHl0aWNzLnlhaG9v0Bihc3BwLnBsP2E9MawT8AAueXA9MTAxNzU2NTgmaGUvGCJydMwfAW4gAHEiA5YfDyQSBB4xsxxHNzAzOX8GD3gMO580MjgwMzA1MDN5BggP_ABWLDM3lQoL_AAM_gEPlQoyBAMBHzaVCghQc21ldHL7AQHHASFuc_0B-EJpZD9kX3Zpc2lkX3Zlcj00LjQuMCZkX2ZpZWxkZ3JvdXA9TUMmbWNvcmdpZD1EQjk2Mzk3MjVCRDJGQzVCMEE0OTVDNjUlNDBBZG9iZU9yZyaKGjc3MDQuAj94aHIaGgAAJAAOMgEnNDEuArJYSFJfTUFOQUdFUkEADxIaLa82Njc4NzU0MDMzwwsHDy4Bhh8xLgFmD18DCAAZBwU8GwAbBw8lHf8lDZsURzcwNDgLAww9BAm4C0BlcnJvYwMPIR0mDw8DCDF0LnSxJ7B0di90cmFjaz9hY9UnED2vJwHzHuBlbnY9anMtd2ViJnRhZ00EALko8BI9Ni43LjBfOGFlNDU3MCZidXllcl9waXhlbF9pZD01OTmYGF9mZXJlct0mTwDGGkBfc2VzmAAAfgD_FWUxNjFjNDkwLTEwNTUtNDU4OC1iMDE4LTJlOThhNTAwNWRlN2sNDi05NIUQODcwNOwGD7MBCg_VHSSPNTEwMDI0NTbyBgkPsgH_CA9CBQEPsgEJD6IHMgWzAQ84KAiRcHhsLmppdm94mwfwHnRhZ3MvcmUvcHhyYy5waHA_cHg9MDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjRD0qMFVuaSkrMGFsX4kiEV-XA-B1c19wcml2YWN5PXRydVEgD7wJDB8y0AIAGDaDBA-8CTyPNzAyMjMzODRdBggPFwFxAJEIImVuAyoCcCwpNzAXAQznAw81AjITNB4BHzY1AggAewcCNRofLvMc__8JD5MOAC83MFgIFQ-lBiQF7hwfOWYLBwe9AgA2CgBOCGZhZC8xcC3_FQ_1Lw0PFBcMDw4X_7RAc3NjdC4XDxYXCA86MB4vODAJCAAfODowSI8xMjAzMTg0OKQPCA8QA___bQ13F083MDg3JgYID-QIMhM3FwMPazAJ8QEyMDgzOTIxOHAucmZpaHViIAuAY2EuaHRtbD-4EuQ5JnJiPTQ2MTIxJmNhPS8AbyZjdXN0MVoODj8mcGUkAA4PWzUugHBmPSZyYT04CjWoODk4MDU1NTI3MGEOQGZyYW2hCw7jNADUNwt9CigxMJkBDzQsPCA0Mg4PPzE1MhEQCARkAQ-TAeUOUgkKkwEMEAwJqhEPUgkkBZgBDw8MCA-YAe0OxAQPmAELD8QEMgWZAQ9-GQgtYWTsOkBkZG0vSBPwAnZpdHkvc3JjPTkxMDA1NzY7pA-BPXB2O2NhdD2uF5AwO2RjX2xhdD0IAGByZGlkPTtmE1Bmb3JfY9k48ABfZGlyZWN0ZWRfdHJlYXScO_8VPTt0ZnVhPTtucGE9O29yZD0xPzI0NzM3NjE4MzUwMS4xNTAx3xIOATwBDHsEGDGLHQ8PEDufNjA2MTQ5MDU3py4ID0kBow8YGgAZMUkBDzEEQQNPAS82ME8Bvw32Ox83TwELD-gDMtA2MDYxNDkwNjAzfV19
34.242.179.188204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=1202&i=8veivj&p=regions-prod-b&s=16286&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPMqaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL3ZpZXd0aHJvdWdoY29uBwH7Gy8xMDEzNTM2NDA2Lz9yYW5kb209MTY2NjI4Mjk2Njc5NCZjdj05JmZzdBcAoW51bT0xJmJnPWYBAPEAJmd1aWQ9T04mcmVzcD1HjgDwEW1LVHliUWhDc08mdV9oPTEwMjQmdV93PTEyODAmdV9hEwAgMDIKAAUUADFjZD0lALBoaXM9MSZ1X3R6PSsA8QNqYXZhPWZhbHNlJnVfbnBsdWcXAPANbm1pbWU9MCZndG09Mm9hYWgwJnNlbmRiPTEmaSIA8A1kYXRhPWV2ZW50JTNEZ3RhZy5jb25maWcmZnJtQQAxcmw9QAHTJTNBJTJGJTJGd3d3LtwB8AUuY29tJTJGbG9jYXRvciUyRm1sbwYA9CdvcnRnYWdlLWxvYW4tb2ZmaWNlci1qZXJyaS1jaGFtYmVybGluLXNvdXRoYXZlbiZ0aWJhPVMPAEMlMjBNQgDwBCUyMExlbmRlciUyMCU3QyUyMEpGAEUlMjBDSAAFGwADEwIgJmFmAbYyMDU4OTY4MTkyLqsBQCZobj2_AAIJAgC-APABJmFzeW5jPTEmcmZtdD0zJgYAcDQiLCJ0eXCLAtBzY3JpcHQiLCJzdGFypQIH9gEQOJMCAPwCBRQAoDk0Niwic291cmM8ALJhcHBlbmRDaGlsZEEAkHR1cyI6ImxvYRAAYHJlYXNvbq4CMF0sIoQBZFBhdHRlchIAsmxpc3QiOltdLCJpYwDPNzQzNTEzMTA4NX0s4AL__1M_ODA04AIMMW11dGEFEk-vBS9yQeYCOC85MeYC__9XHzXmAhwvQ0znAjkfMucCBwCoBoBmYWNlYm9va6oGsC90ci8_aWQ9NDk5Bgb_BzMxNzc1NzE0JmV2PVBhZ2VWaWV3JmSsB1Bjcmw9JmlmaQgndHPyCFM5NjImc6YIEHO4CPcYMjQmdj0yLjkuODcmcj1zdGFibGUmZWM9MCZvPTMwJmZicD1mYi4xoQf5ADk2MS42NDE4MTc5MzMmaVAJYzQxJmNvb3kAdnJxbT1HRVSqBzJpbWeZAQqnBz45NjLhAQAUAAWnB_ADaW1nX0RPTUF0dHJNb2RpZmllnwcyc3RhrwdRYWxsb3cTAA-yBx2fNTg3Mzk4MTM05QEIhWNvbm5lY3Qu6QEAiwqCc2lnbmFscy-ICRsv8QEdP1MBBgUBD68ICC80MwgBABczrwiwaW5zZXJ0QmVmb3J7CwUBAQ-wCCWfNzQ4MzA0MTkw4wIHD_4AWA_NBgAYNv4AD80GQgQDAQ_NBggPAwFYD-oEAA8DAQoP6gQzBAQBDwUDCADqBAaSCwSKDYAxcC11c2VyLQoLjy85NTk1ODE4gA0CPDgwN4ANMDE2MAEAHyaADQUPag1eAOELD2UNvAM4DQAxDXEzJmlzX3Z0Rw0CHg-vMjU1ODk3NDIxNewOBPYAcm10X3RsZD0wJmlwcj15wwQPyAUFHzfIBQAAFAAPyAVPrzYzMTI2MDU2NjTKBAcHwwIvbm_CAv_cHzHCAhYPggcAGDeEBg-KCEavNjI4MDg4MjE0OMICBwKBBQ8cEyAPmwUcADITALIFD5sFBQ8bE_-xPjgwOWwKJzc0bAoPGxM7rzY0ODQwNzM2NDbfAv__VS8xMN8CDAxNDA9KCzIF5gIfN-YCQA_hGAwcOWELAMYFMzc5OWELAgQK_wtsYWJlbD1GMGtRQ0lXSWdxWUJFSmF0cGVNRAIZmQb2GQ8BGcKPZ3RtX2VlPTEKGQCSZ2NwPTEmY3RfdhukX3ByZXNlbnQ9MSQZD6ULDi84MGQOACc3NfkFDBoDDzQWMwBtDD8yMzmgCxM_Y29toQsCDwMDDA3kGw9kDv9wnzk1MTY2ODI4OWQONR80vwIAGDiiCw-_AkGfODA2MDAzMzk3nQsIB18OD78CBQ-HCxwPvgL_cAC1BA8iETsN5BQ4NzAydgsPvgJBBR0RD3wLCPEDc3AuYW5hbHl0aWNzLnlhaG9v0Bihc3BwLnBsP2E9MawT8AAueXA9MTAxNzU2NTgmaGUvGCJydMwfAW4gAHEiA5YfDyQSBB4xsxxHNzAzOX8GD3gMO580MjgwMzA1MDN5BggP_ABWLDM3lQoL_AAM_gEPlQoyBAMBHzaVCghQc21ldHL7AQHHASFuc_0B-EJpZD9kX3Zpc2lkX3Zlcj00LjQuMCZkX2ZpZWxkZ3JvdXA9TUMmbWNvcmdpZD1EQjk2Mzk3MjVCRDJGQzVCMEE0OTVDNjUlNDBBZG9iZU9yZyaKGjc3MDQuAj94aHIaGgAAJAAOMgEnNDEuArJYSFJfTUFOQUdFUkEADxIaLa82Njc4NzU0MDMzwwsHDy4Bhh8xLgFmD18DCAAZBwU8GwAbBw8lHf8lDZsURzcwNDgLAww9BAm4C0BlcnJvYwMPIR0mDw8DCDF0LnSxJ7B0di90cmFjaz9hY9UnED2vJwHzHuBlbnY9anMtd2ViJnRhZ00EALko8BI9Ni43LjBfOGFlNDU3MCZidXllcl9waXhlbF9pZD01OTmYGF9mZXJlct0mTwDGGkBfc2VzmAAAfgD_FWUxNjFjNDkwLTEwNTUtNDU4OC1iMDE4LTJlOThhNTAwNWRlN2sNDi05NIUQODcwNOwGD7MBCg_VHSSPNTEwMDI0NTbyBgkPsgH_CA9CBQEPsgEJD6IHMgWzAQ84KAiRcHhsLmppdm94mwfwHnRhZ3MvcmUvcHhyYy5waHA_cHg9MDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjRD0qMFVuaSkrMGFsX4kiEV-XA-B1c19wcml2YWN5PXRydVEgD7wJDB8y0AIAGDaDBA-8CTyPNzAyMjMzODRdBggPFwFxAJEIImVuAyoCcCwpNzAXAQznAw81AjITNB4BHzY1AggAewcCNRofLvMc__8JD5MOAC83MFgIFQ-lBiQF7hwfOWYLBwe9AgA2CgBOCGZhZC8xcC3_FQ_1Lw0PFBcMDw4X_7RAc3NjdC4XDxYXCA86MB4vODAJCAAfODowSI8xMjAzMTg0OKQPCA8QA___bQ13F083MDg3JgYID-QIMhM3FwMPazAJ8QEyMDgzOTIxOHAucmZpaHViIAuAY2EuaHRtbD-4EuQ5JnJiPTQ2MTIxJmNhPS8AbyZjdXN0MVoODj8mcGUkAA4PWzUugHBmPSZyYT04CjWoODk4MDU1NTI3MGEOQGZyYW2hCw7jNADUNwt9CigxMJkBDzQsPCA0Mg4PPzE1MhEQCARkAQ-TAeUOUgkKkwEMEAwJqhEPUgkkBZgBDw8MCA-YAe0OxAQPmAELD8QEMgWZAQ9-GQgtYWTsOkBkZG0vSBPwAnZpdHkvc3JjPTkxMDA1NzY7pA-BPXB2O2NhdD2uF5AwO2RjX2xhdD0IAGByZGlkPTtmE1Bmb3JfY9k48ABfZGlyZWN0ZWRfdHJlYXScO_8VPTt0ZnVhPTtucGE9O29yZD0xPzI0NzM3NjE4MzUwMS4xNTAx3xIOATwBDHsEGDGLHQ8PEDufNjA2MTQ5MDU3py4ID0kBow8YGgAZMUkBDzEEQQNPAS82ME8Bvw32Ox83TwELD-gDMtA2MDYxNDkwNjAzfV19
IP 34.242.179.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=3&c=1202&i=8veivj&p=regions-prod-b&s=16286&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPMqaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL3ZpZXd0aHJvdWdoY29uBwH7Gy8xMDEzNTM2NDA2Lz9yYW5kb209MTY2NjI4Mjk2Njc5NCZjdj05JmZzdBcAoW51bT0xJmJnPWYBAPEAJmd1aWQ9T04mcmVzcD1HjgDwEW1LVHliUWhDc08mdV9oPTEwMjQmdV93PTEyODAmdV9hEwAgMDIKAAUUADFjZD0lALBoaXM9MSZ1X3R6PSsA8QNqYXZhPWZhbHNlJnVfbnBsdWcXAPANbm1pbWU9MCZndG09Mm9hYWgwJnNlbmRiPTEmaSIA8A1kYXRhPWV2ZW50JTNEZ3RhZy5jb25maWcmZnJtQQAxcmw9QAHTJTNBJTJGJTJGd3d3LtwB8AUuY29tJTJGbG9jYXRvciUyRm1sbwYA9CdvcnRnYWdlLWxvYW4tb2ZmaWNlci1qZXJyaS1jaGFtYmVybGluLXNvdXRoYXZlbiZ0aWJhPVMPAEMlMjBNQgDwBCUyMExlbmRlciUyMCU3QyUyMEpGAEUlMjBDSAAFGwADEwIgJmFmAbYyMDU4OTY4MTkyLqsBQCZobj2_AAIJAgC-APABJmFzeW5jPTEmcmZtdD0zJgYAcDQiLCJ0eXCLAtBzY3JpcHQiLCJzdGFypQIH9gEQOJMCAPwCBRQAoDk0Niwic291cmM8ALJhcHBlbmRDaGlsZEEAkHR1cyI6ImxvYRAAYHJlYXNvbq4CMF0sIoQBZFBhdHRlchIAsmxpc3QiOltdLCJpYwDPNzQzNTEzMTA4NX0s4AL__1M_ODA04AIMMW11dGEFEk-vBS9yQeYCOC85MeYC__9XHzXmAhwvQ0znAjkfMucCBwCoBoBmYWNlYm9va6oGsC90ci8_aWQ9NDk5Bgb_BzMxNzc1NzE0JmV2PVBhZ2VWaWV3JmSsB1Bjcmw9JmlmaQgndHPyCFM5NjImc6YIEHO4CPcYMjQmdj0yLjkuODcmcj1zdGFibGUmZWM9MCZvPTMwJmZicD1mYi4xoQf5ADk2MS42NDE4MTc5MzMmaVAJYzQxJmNvb3kAdnJxbT1HRVSqBzJpbWeZAQqnBz45NjLhAQAUAAWnB_ADaW1nX0RPTUF0dHJNb2RpZmllnwcyc3RhrwdRYWxsb3cTAA-yBx2fNTg3Mzk4MTM05QEIhWNvbm5lY3Qu6QEAiwqCc2lnbmFscy-ICRsv8QEdP1MBBgUBD68ICC80MwgBABczrwiwaW5zZXJ0QmVmb3J7CwUBAQ-wCCWfNzQ4MzA0MTkw4wIHD_4AWA_NBgAYNv4AD80GQgQDAQ_NBggPAwFYD-oEAA8DAQoP6gQzBAQBDwUDCADqBAaSCwSKDYAxcC11c2VyLQoLjy85NTk1ODE4gA0CPDgwN4ANMDE2MAEAHyaADQUPag1eAOELD2UNvAM4DQAxDXEzJmlzX3Z0Rw0CHg-vMjU1ODk3NDIxNewOBPYAcm10X3RsZD0wJmlwcj15wwQPyAUFHzfIBQAAFAAPyAVPrzYzMTI2MDU2NjTKBAcHwwIvbm_CAv_cHzHCAhYPggcAGDeEBg-KCEavNjI4MDg4MjE0OMICBwKBBQ8cEyAPmwUcADITALIFD5sFBQ8bE_-xPjgwOWwKJzc0bAoPGxM7rzY0ODQwNzM2NDbfAv__VS8xMN8CDAxNDA9KCzIF5gIfN-YCQA_hGAwcOWELAMYFMzc5OWELAgQK_wtsYWJlbD1GMGtRQ0lXSWdxWUJFSmF0cGVNRAIZmQb2GQ8BGcKPZ3RtX2VlPTEKGQCSZ2NwPTEmY3RfdhukX3ByZXNlbnQ9MSQZD6ULDi84MGQOACc3NfkFDBoDDzQWMwBtDD8yMzmgCxM_Y29toQsCDwMDDA3kGw9kDv9wnzk1MTY2ODI4OWQONR80vwIAGDiiCw-_AkGfODA2MDAzMzk3nQsIB18OD78CBQ-HCxwPvgL_cAC1BA8iETsN5BQ4NzAydgsPvgJBBR0RD3wLCPEDc3AuYW5hbHl0aWNzLnlhaG9v0Bihc3BwLnBsP2E9MawT8AAueXA9MTAxNzU2NTgmaGUvGCJydMwfAW4gAHEiA5YfDyQSBB4xsxxHNzAzOX8GD3gMO580MjgwMzA1MDN5BggP_ABWLDM3lQoL_AAM_gEPlQoyBAMBHzaVCghQc21ldHL7AQHHASFuc_0B-EJpZD9kX3Zpc2lkX3Zlcj00LjQuMCZkX2ZpZWxkZ3JvdXA9TUMmbWNvcmdpZD1EQjk2Mzk3MjVCRDJGQzVCMEE0OTVDNjUlNDBBZG9iZU9yZyaKGjc3MDQuAj94aHIaGgAAJAAOMgEnNDEuArJYSFJfTUFOQUdFUkEADxIaLa82Njc4NzU0MDMzwwsHDy4Bhh8xLgFmD18DCAAZBwU8GwAbBw8lHf8lDZsURzcwNDgLAww9BAm4C0BlcnJvYwMPIR0mDw8DCDF0LnSxJ7B0di90cmFjaz9hY9UnED2vJwHzHuBlbnY9anMtd2ViJnRhZ00EALko8BI9Ni43LjBfOGFlNDU3MCZidXllcl9waXhlbF9pZD01OTmYGF9mZXJlct0mTwDGGkBfc2VzmAAAfgD_FWUxNjFjNDkwLTEwNTUtNDU4OC1iMDE4LTJlOThhNTAwNWRlN2sNDi05NIUQODcwNOwGD7MBCg_VHSSPNTEwMDI0NTbyBgkPsgH_CA9CBQEPsgEJD6IHMgWzAQ84KAiRcHhsLmppdm94mwfwHnRhZ3MvcmUvcHhyYy5waHA_cHg9MDYwMzQyNGJkOTkwNGEmcmV0PWltZyZjRD0qMFVuaSkrMGFsX4kiEV-XA-B1c19wcml2YWN5PXRydVEgD7wJDB8y0AIAGDaDBA-8CTyPNzAyMjMzODRdBggPFwFxAJEIImVuAyoCcCwpNzAXAQznAw81AjITNB4BHzY1AggAewcCNRofLvMc__8JD5MOAC83MFgIFQ-lBiQF7hwfOWYLBwe9AgA2CgBOCGZhZC8xcC3_FQ_1Lw0PFBcMDw4X_7RAc3NjdC4XDxYXCA86MB4vODAJCAAfODowSI8xMjAzMTg0OKQPCA8QA___bQ13F083MDg3JgYID-QIMhM3FwMPazAJ8QEyMDgzOTIxOHAucmZpaHViIAuAY2EuaHRtbD-4EuQ5JnJiPTQ2MTIxJmNhPS8AbyZjdXN0MVoODj8mcGUkAA4PWzUugHBmPSZyYT04CjWoODk4MDU1NTI3MGEOQGZyYW2hCw7jNADUNwt9CigxMJkBDzQsPCA0Mg4PPzE1MhEQCARkAQ-TAeUOUgkKkwEMEAwJqhEPUgkkBZgBDw8MCA-YAe0OxAQPmAELD8QEMgWZAQ9-GQgtYWTsOkBkZG0vSBPwAnZpdHkvc3JjPTkxMDA1NzY7pA-BPXB2O2NhdD2uF5AwO2RjX2xhdD0IAGByZGlkPTtmE1Bmb3JfY9k48ABfZGlyZWN0ZWRfdHJlYXScO_8VPTt0ZnVhPTtucGE9O29yZD0xPzI0NzM3NjE4MzUwMS4xNTAx3xIOATwBDHsEGDGLHQ8PEDufNjA2MTQ5MDU3py4ID0kBow8YGgAZMUkBDzEEQQNPAS82ME8Bvw32Ox83TwELD-gDMtA2MDYxNDkwNjAzfV19 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 16:22:37 GMT
expires: Thu, 20 Oct 2022 16:22:36 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=1202&i=8veivj&p=regions-prod-b&s=15759&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPEMaHR0cHM6Ly9tYXBzLmdvb2dsZWFwaXMuY29tFABBL2FwaQkA8Ahqcy9nZW5fMjA0P2NzcF90ZXN0PXRydYsAMHR5cJwAoHhociIsInN0YXKzAMA2NjYyODI5NjU4MjGhAAAKAQoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDRdHVzIjoiYWxsb3dlZMAAQGFzb26_ANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM81ODU1NzYyMTM5fSzxAP8U8AhzdGF0aWNtYXA_Y2VudGVyPTM0Ljk5MMIBETkBAOEsJTIwLTkwLjAwNTA2NhMA9Ak5OSZ6b29tPTE1Jm1hcmtlcnM9aWNvbjpTAkN3d3cu6QIBTwLzB34vbWVkaWEvSW1hZ2VzL1dlYlNpdGUOAPIAYnJhbmNoLWxvY2F0b3ItUQB_LnBuZyU3Q4wAE9JzdHlsZT1odWU6JTIzAQCBJTdDc2F0dXLtAvAHOi0xMDAmc2l6ZT00MDB4NDAwJm1hcLwC8Cg9cm9hZG1hcCZrZXk9QUl6YVN5QnMwaHFZZk5Zc1lQWU90Y1pyWWxpNmowSzhCLXdPOW1jIiwiOwBiIjoiaW1ntgIM9wIfNfcCADU2LCL3AkFIVE1M_gDSX1NFVEFUVFJJQlVURUwADwIDLp81MTE3ODg1MDMCAwfxAG5leHVzLmVuc2lnaHRlbqQBA7ABEy8IAAOhBBEvdQTyF3JDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImSgIgSnPqBB89YwAYY2NvZGUvJicF8ARlZE9uPVR1ZSUyME9jdCUyMDExBQDyBzY6MDc6MzUlMjBHTVQlMjAyMDIyJkNqBSBEPWkFgSZQYWdlSUQ9hAKbJTNBJTJGJTJGigIzJTJGaAJgJTJGbWxvBgD2IG9ydGdhZ2UtbG9hbi1vZmZpY2VyLWplcnJpLWNoYW1iZXJsaW4tc291dGhhdmVu_wFic2NyaXB0tgEKAgI9NzQ5AgI3OTY0AgKwaW5zZXJ0QmVmb3JIBQA7AQH6BD9sb2H3BCGvNzIxMzMwMTk2NPUB_2keNe4GCvUBIG11bAUyb25PywcyckNMPQIC8wMP-wEtHzb7ATIBjQPwGjhlMDk5Mjg5NGVjM2E2MzdhZGYxMWUxOTMwN2JiNjViLmpzP2NvbmRpSwivSWQwPTM2NTI4NxsDETw5NjIbAzg2MDcdBQ8bAzyvNTM4NDcyNDU1NyABlB80IAEMD0YCQgUmAQ84CQjxA3NwLmFuYWx5dGljcy55YWhvbzkG8RBzcHAucGw_YT0xMDAwMCYueXA9MTAxNzU2NTgmaGU9FgphJmF1aWQ9WwYAIwsPQAcKTTYxMDMDAQEUAAVAB_ECaW1nX0RPTUF0dHJNb2RpZmksCgVFBQ8_CiefNDI4MDMwNTAzPQcI8B1hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz05MTAwNTc2O-kAcz1wdjtjYXT-AIA7ZGNfbGF0PQgA8BNyZGlkPTt0YWdfZm9yX2NoaWxkX2RpcmVjdGVkX3RyZWF01wv2FT07dGZ1YT07bnBhPTtvcmQ9MT8yNDczNzYxODM1MDEuMTUwMXoDD5QIA082MTA2VAEACXcDD1QBRa82MDYxNDkwNTcxgQMH4mRjLmFkcy5saW5rZWRpkQj_DGNvbGxlY3QvP3BpZD02ODE1MDYmZm10PWdpZu8AEB837wAAGDeBBw_vAEafMjY0NzkzODI17wAHUGN0LnBpbQsxZXN0RAPyCXYzLz90aWQ9MjYxMzQ4MzkxNzU1NyZub2MIHz3gAREfOPEAAB848QBRnzc1Njc5NTczNYEGCAY4BDB0d2nBDQH2AOJpL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkA8AFvMXJ4dCZldmVudHM9JTVCAwDwHDIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdW50PTARAP8Ab3JkZXJfcXVhbnRpdHk9hQQRDcMJTzYxMDlRAVGfNjc2Nzg5MDU0zQkIADcCHy9AAYouMTCRAgAUAA_FBVB_NTAzNDM5NnEECTBwdWJxBB1nywUExwXBO3hzcD00OTU4ODAzdgX_AjkzOTUyMDk2OTU2OTgyNjg_hQQPHjHrCBAxFAAPAwFPnzgyMDUwOTkzOMgGCHJpYi5hZG548RHxFHBpeGllP3BpPThkNWYzODlhLTJjMGMtNGM2Zi1iYzc4LTQ0DQqAMDg5MGUmZT1tDVNWaWV3JqIED1EDEB0xFg8gNjEUAA8OAVGPMzI2Mzg0MDKTBQeRcHhsLmppdm94mgThdGFncy9jb252L3B4cmX1DvsNcHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeQ8TD4QHBR8xpAUAABQADwIBT580NDQ0MjAzMjiEBwgPAgEAIHJlAAEUYwAB8BEwNjAzNDI0YmQ5OTA0YSZyZXQ9aW1nJmNEYXRhPVVuaSAVMGFsXxwCEV8dAg8iAR8PdQUAHzF1BVKfNDcwMjIzMzg0MgMID9QQAfALZXJyb3IvZS5naWY_bXNnPUludmFsaWQlMjCuFAAHAEFlZmluKQ1xJTIwdXNlZJwQ-wEwNTk4NTcmbG5uPTU0JmZutxAPagAAMSUyRkALJm5zCgADpRE1JTJGiRFyLmpzJmNpZBMRAosWAnoKJG5zYxEBoBEDTAADQgCAJnJpZD0tMSaRCjEtMSbVAFBOYW1lPdsBFUTCAFBFeGNlcPQND_wEDw77FSA2MRQAD-wCT583MDk1MjY4MzPuAwgPYAEABPkSBAgAAxoBES8RD_0RYWNlZjkwZDZmYjY2NWNhYzdmMmZiYzdiM2IwZDhiOGERD2Y0MjMwMjYnAQInBQLvDwosEi85NikHAB80LBJInzY1NzA2MDA1NaEKCA8gAXoPDg4ACSABDxEPQgUmAR84NAYHoWRwbS5kZW1kZXgGDvIiaWQ_ZF92aXNpZF92ZXI9NC40LjAmZF9maWVsZGdyb3VwPU1DJmRfcnRiZD1qc29uJigAEjIIAPApaWZ5PTEmZF9vcmdpZD1EQjk2Mzk3MjVCRDJGQzVCMEE0OTVDNjUlNDBBZG9iZU9yZyZkX25zaWTgCjRzPTFhGUY2MjUzdwIPmRkDACQADZ0JKDI1dAIfWJkZPZ80NzUzMTE4MDjVCggPUAGoDrURD1ABVQ_GAwgA_RYC2RuhdGFnbWFuYWdlct8I9AtndGFnL2pzP2lkPUFXLTEwMTM1MzY0MDYmbCwGAPgFQExheWXYGwDFED8iOiLDBAY-NjEw2wkpMje3Bw_vFjuvNTE5MTg0Njc4MJ0DBw_9AFYeM2sQCv0AD6AEQgMDAS84MeYGCLFsaXZlLnJlenluY_cB9D5zeW5jP2M9MTZiNjQxMDQzMWI2Mzc0ZTc4MDEwNGFiYjA0NDNjYTgmcD0yZjUyMmYyY2JjMGZlY2ViYWRkMjBmOTYxYWFiZGIxMyZrPUEI9AZiYW5rLXBpeGVsLTgyMTkmem1wSURHAhAtHgCgJmNhY2hlX2J1c18cAIcLwTk1NjMwNzU1MTg1NbgZMlVybAIJMDovL7kBA10AAbYAA7EZby9tbG8vba0ZPz42MTG9AygzNSwSAN8aMG5kQ6ATAsIHD7EXKmA2Njc4NzUDAQ-9AgcPugH_Fg54BA-6AVIPxAYID7oB_xUeNPUKCroBDzUFQgR7Ay84OXsDBwB_BA81BxB_OTU5NTgxODQHAkcmY3g9JyAPOQcHLjI2EhAvMzY5B0ifNjMwNTkwODc1wgIIDwEBWh43PQcKAQEPCAJDAwcBHzbtDwgPYhWQDXAeRzYzODCiFg-4BjsUNFcVD3IICA81AY8eM2ISCjUBD3ECQgM8AS83MLEKCPMDcGVvcGxlLmFwaS5ib29tdHJhCRvwAmlkZW50aWZ5L3Jlc29sdmU_WhL0mD1leUpqYjI5cmFXVWlPbnNpWW5OcGJpSTZJaUo5TENKeGRXVnllWE4wY21sdVp5STZlMzBzSW1WNGRHVnlibUZzWDJsa2N5STZleUo2ZVc1aklqb2lPR1F3WlRNek9EZ3RaR014WlMwMFpUWm1MVGszTWpNdE5HSTVZbU5pWW1JNU56UmxPakUyTmpZeU9ESTVOVFV1TXpNek5qQXlJbjE5JnNpdGVf9h0hbnMLCg-aDg4uNDaoHAEUAAU4Eg-aDj-PNTk3MzU1NzUVBggPnAH_ijtjZG4xA0VwMTNuxxMAggwQLxIAdi5taW4uanODAg-YBwcuMzW6GRA0rAcFhgIPpSI9ETGgGB8xohgJD-gAQg9uAwEINh4PDgVCFDXuAA8yHggPghQBAZcWD2wX_wEeNAkIGTXOEwzGARhBxw4BVgEPay0gBGgXHzUQCAgPXC4KALAjD3os_z4OTwsQNXEnBbgEDwoCCg-CKCQUNXIsD4sUCEBwLnRlcR8xdHYvCQAwLWZl5C8PkAUULjEx2AAfNpAFSo82NTcyNTM1MqIECA_TACwPAg8AGTb7DQ-rAUID2AAfNOwICQ-rASsPjQQAD9gACw8GKzITNdkAHzVhCwiBYmF0LmJpbmdWFADoIfAJb24vMD90aT0yMTAxMTI4MiZWZXI9MiZtPx3wFWQzNmNhNGEtYmIyNS00MTY2LThjYjMtMTY4MjFiMDk3Yjk4Jn4ZcDZlYmY2YjBvIfAIMzExZWQ4ZmMwZmZmM2Y2MDBhNGNkJna-JgAlACUzYyUA8AFhNzNiMzM1OTY2OGU1ZDg0JQD0J3M9MSZtc2Nsa2lkPU4mcGk9MCZsZz1lbi1VUyZzdz0xMjgwJnNoPTEwMjQmc2M9MjQmdGw9U5YuQyUyME0cFfAEJTIwTGVuZGVyJTIwJTdDJTIwSs0uRSUyMEPPLgUbAAMxND8ma3dMADcScMsVAegeD4QvQ_ABJnI9Jmx0PTI3OTMmZXZ0PQsm9wNMb2FkJnN2PTEmcm49ODU4NTh_HQ-SIQQuNjjoCTc2ODNDDw-qMUmfODM2ODU4MjQyYxwICbQCAA0AD8EKEy4xMBMINzY4NdkAD8EKPI82MTI5NjA5MVIRCQC_AAWAAwANAA_MABQeM6UKCswADyoFQQTRAB85nQFADzIaAA_RAAsPIwUyBdIAD_wFCCBqc4grsHJ2ci5vcmcvdXBfEwhQZXIuMS7yOA-wARQfMXwCAQhVDA98AjyPNDMyNDg0NTXxIQkP2QAyDzwSACg2ONkADIkCD7gBMgTfAB822wYID98AMh8xaAMALzkyNARHBNkAHzOaMQgP2QAyD2sJAQnZAA-4AUsPdCcIJmNtbQn_BnYyL2FkdmVydGlzZXI_cmVmZXJlcksHT2FidXllcl_BHQBsLUY1OTk1IxFSZmV0Y2gtDgm2JD82NjmSCwAAFAAFagxfRkVUQ0jdOzzANDM5OTk1MDM5fV19
34.242.179.188204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=1202&i=8veivj&p=regions-prod-b&s=15759&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPEMaHR0cHM6Ly9tYXBzLmdvb2dsZWFwaXMuY29tFABBL2FwaQkA8Ahqcy9nZW5fMjA0P2NzcF90ZXN0PXRydYsAMHR5cJwAoHhociIsInN0YXKzAMA2NjYyODI5NjU4MjGhAAAKAQoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDRdHVzIjoiYWxsb3dlZMAAQGFzb26_ANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM81ODU1NzYyMTM5fSzxAP8U8AhzdGF0aWNtYXA_Y2VudGVyPTM0Ljk5MMIBETkBAOEsJTIwLTkwLjAwNTA2NhMA9Ak5OSZ6b29tPTE1Jm1hcmtlcnM9aWNvbjpTAkN3d3cu6QIBTwLzB34vbWVkaWEvSW1hZ2VzL1dlYlNpdGUOAPIAYnJhbmNoLWxvY2F0b3ItUQB_LnBuZyU3Q4wAE9JzdHlsZT1odWU6JTIzAQCBJTdDc2F0dXLtAvAHOi0xMDAmc2l6ZT00MDB4NDAwJm1hcLwC8Cg9cm9hZG1hcCZrZXk9QUl6YVN5QnMwaHFZZk5Zc1lQWU90Y1pyWWxpNmowSzhCLXdPOW1jIiwiOwBiIjoiaW1ntgIM9wIfNfcCADU2LCL3AkFIVE1M_gDSX1NFVEFUVFJJQlVURUwADwIDLp81MTE3ODg1MDMCAwfxAG5leHVzLmVuc2lnaHRlbqQBA7ABEy8IAAOhBBEvdQTyF3JDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImSgIgSnPqBB89YwAYY2NvZGUvJicF8ARlZE9uPVR1ZSUyME9jdCUyMDExBQDyBzY6MDc6MzUlMjBHTVQlMjAyMDIyJkNqBSBEPWkFgSZQYWdlSUQ9hAKbJTNBJTJGJTJGigIzJTJGaAJgJTJGbWxvBgD2IG9ydGdhZ2UtbG9hbi1vZmZpY2VyLWplcnJpLWNoYW1iZXJsaW4tc291dGhhdmVu_wFic2NyaXB0tgEKAgI9NzQ5AgI3OTY0AgKwaW5zZXJ0QmVmb3JIBQA7AQH6BD9sb2H3BCGvNzIxMzMwMTk2NPUB_2keNe4GCvUBIG11bAUyb25PywcyckNMPQIC8wMP-wEtHzb7ATIBjQPwGjhlMDk5Mjg5NGVjM2E2MzdhZGYxMWUxOTMwN2JiNjViLmpzP2NvbmRpSwivSWQwPTM2NTI4NxsDETw5NjIbAzg2MDcdBQ8bAzyvNTM4NDcyNDU1NyABlB80IAEMD0YCQgUmAQ84CQjxA3NwLmFuYWx5dGljcy55YWhvbzkG8RBzcHAucGw_YT0xMDAwMCYueXA9MTAxNzU2NTgmaGU9FgphJmF1aWQ9WwYAIwsPQAcKTTYxMDMDAQEUAAVAB_ECaW1nX0RPTUF0dHJNb2RpZmksCgVFBQ8_CiefNDI4MDMwNTAzPQcI8B1hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz05MTAwNTc2O-kAcz1wdjtjYXT-AIA7ZGNfbGF0PQgA8BNyZGlkPTt0YWdfZm9yX2NoaWxkX2RpcmVjdGVkX3RyZWF01wv2FT07dGZ1YT07bnBhPTtvcmQ9MT8yNDczNzYxODM1MDEuMTUwMXoDD5QIA082MTA2VAEACXcDD1QBRa82MDYxNDkwNTcxgQMH4mRjLmFkcy5saW5rZWRpkQj_DGNvbGxlY3QvP3BpZD02ODE1MDYmZm10PWdpZu8AEB837wAAGDeBBw_vAEafMjY0NzkzODI17wAHUGN0LnBpbQsxZXN0RAPyCXYzLz90aWQ9MjYxMzQ4MzkxNzU1NyZub2MIHz3gAREfOPEAAB848QBRnzc1Njc5NTczNYEGCAY4BDB0d2nBDQH2AOJpL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkA8AFvMXJ4dCZldmVudHM9JTVCAwDwHDIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdW50PTARAP8Ab3JkZXJfcXVhbnRpdHk9hQQRDcMJTzYxMDlRAVGfNjc2Nzg5MDU0zQkIADcCHy9AAYouMTCRAgAUAA_FBVB_NTAzNDM5NnEECTBwdWJxBB1nywUExwXBO3hzcD00OTU4ODAzdgX_AjkzOTUyMDk2OTU2OTgyNjg_hQQPHjHrCBAxFAAPAwFPnzgyMDUwOTkzOMgGCHJpYi5hZG548RHxFHBpeGllP3BpPThkNWYzODlhLTJjMGMtNGM2Zi1iYzc4LTQ0DQqAMDg5MGUmZT1tDVNWaWV3JqIED1EDEB0xFg8gNjEUAA8OAVGPMzI2Mzg0MDKTBQeRcHhsLmppdm94mgThdGFncy9jb252L3B4cmX1DvsNcHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeQ8TD4QHBR8xpAUAABQADwIBT580NDQ0MjAzMjiEBwgPAgEAIHJlAAEUYwAB8BEwNjAzNDI0YmQ5OTA0YSZyZXQ9aW1nJmNEYXRhPVVuaSAVMGFsXxwCEV8dAg8iAR8PdQUAHzF1BVKfNDcwMjIzMzg0MgMID9QQAfALZXJyb3IvZS5naWY_bXNnPUludmFsaWQlMjCuFAAHAEFlZmluKQ1xJTIwdXNlZJwQ-wEwNTk4NTcmbG5uPTU0JmZutxAPagAAMSUyRkALJm5zCgADpRE1JTJGiRFyLmpzJmNpZBMRAosWAnoKJG5zYxEBoBEDTAADQgCAJnJpZD0tMSaRCjEtMSbVAFBOYW1lPdsBFUTCAFBFeGNlcPQND_wEDw77FSA2MRQAD-wCT583MDk1MjY4MzPuAwgPYAEABPkSBAgAAxoBES8RD_0RYWNlZjkwZDZmYjY2NWNhYzdmMmZiYzdiM2IwZDhiOGERD2Y0MjMwMjYnAQInBQLvDwosEi85NikHAB80LBJInzY1NzA2MDA1NaEKCA8gAXoPDg4ACSABDxEPQgUmAR84NAYHoWRwbS5kZW1kZXgGDvIiaWQ_ZF92aXNpZF92ZXI9NC40LjAmZF9maWVsZGdyb3VwPU1DJmRfcnRiZD1qc29uJigAEjIIAPApaWZ5PTEmZF9vcmdpZD1EQjk2Mzk3MjVCRDJGQzVCMEE0OTVDNjUlNDBBZG9iZU9yZyZkX25zaWTgCjRzPTFhGUY2MjUzdwIPmRkDACQADZ0JKDI1dAIfWJkZPZ80NzUzMTE4MDjVCggPUAGoDrURD1ABVQ_GAwgA_RYC2RuhdGFnbWFuYWdlct8I9AtndGFnL2pzP2lkPUFXLTEwMTM1MzY0MDYmbCwGAPgFQExheWXYGwDFED8iOiLDBAY-NjEw2wkpMje3Bw_vFjuvNTE5MTg0Njc4MJ0DBw_9AFYeM2sQCv0AD6AEQgMDAS84MeYGCLFsaXZlLnJlenluY_cB9D5zeW5jP2M9MTZiNjQxMDQzMWI2Mzc0ZTc4MDEwNGFiYjA0NDNjYTgmcD0yZjUyMmYyY2JjMGZlY2ViYWRkMjBmOTYxYWFiZGIxMyZrPUEI9AZiYW5rLXBpeGVsLTgyMTkmem1wSURHAhAtHgCgJmNhY2hlX2J1c18cAIcLwTk1NjMwNzU1MTg1NbgZMlVybAIJMDovL7kBA10AAbYAA7EZby9tbG8vba0ZPz42MTG9AygzNSwSAN8aMG5kQ6ATAsIHD7EXKmA2Njc4NzUDAQ-9AgcPugH_Fg54BA-6AVIPxAYID7oB_xUeNPUKCroBDzUFQgR7Ay84OXsDBwB_BA81BxB_OTU5NTgxODQHAkcmY3g9JyAPOQcHLjI2EhAvMzY5B0ifNjMwNTkwODc1wgIIDwEBWh43PQcKAQEPCAJDAwcBHzbtDwgPYhWQDXAeRzYzODCiFg-4BjsUNFcVD3IICA81AY8eM2ISCjUBD3ECQgM8AS83MLEKCPMDcGVvcGxlLmFwaS5ib29tdHJhCRvwAmlkZW50aWZ5L3Jlc29sdmU_WhL0mD1leUpqYjI5cmFXVWlPbnNpWW5OcGJpSTZJaUo5TENKeGRXVnllWE4wY21sdVp5STZlMzBzSW1WNGRHVnlibUZzWDJsa2N5STZleUo2ZVc1aklqb2lPR1F3WlRNek9EZ3RaR014WlMwMFpUWm1MVGszTWpNdE5HSTVZbU5pWW1JNU56UmxPakUyTmpZeU9ESTVOVFV1TXpNek5qQXlJbjE5JnNpdGVf9h0hbnMLCg-aDg4uNDaoHAEUAAU4Eg-aDj-PNTk3MzU1NzUVBggPnAH_ijtjZG4xA0VwMTNuxxMAggwQLxIAdi5taW4uanODAg-YBwcuMzW6GRA0rAcFhgIPpSI9ETGgGB8xohgJD-gAQg9uAwEINh4PDgVCFDXuAA8yHggPghQBAZcWD2wX_wEeNAkIGTXOEwzGARhBxw4BVgEPay0gBGgXHzUQCAgPXC4KALAjD3os_z4OTwsQNXEnBbgEDwoCCg-CKCQUNXIsD4sUCEBwLnRlcR8xdHYvCQAwLWZl5C8PkAUULjEx2AAfNpAFSo82NTcyNTM1MqIECA_TACwPAg8AGTb7DQ-rAUID2AAfNOwICQ-rASsPjQQAD9gACw8GKzITNdkAHzVhCwiBYmF0LmJpbmdWFADoIfAJb24vMD90aT0yMTAxMTI4MiZWZXI9MiZtPx3wFWQzNmNhNGEtYmIyNS00MTY2LThjYjMtMTY4MjFiMDk3Yjk4Jn4ZcDZlYmY2YjBvIfAIMzExZWQ4ZmMwZmZmM2Y2MDBhNGNkJna-JgAlACUzYyUA8AFhNzNiMzM1OTY2OGU1ZDg0JQD0J3M9MSZtc2Nsa2lkPU4mcGk9MCZsZz1lbi1VUyZzdz0xMjgwJnNoPTEwMjQmc2M9MjQmdGw9U5YuQyUyME0cFfAEJTIwTGVuZGVyJTIwJTdDJTIwSs0uRSUyMEPPLgUbAAMxND8ma3dMADcScMsVAegeD4QvQ_ABJnI9Jmx0PTI3OTMmZXZ0PQsm9wNMb2FkJnN2PTEmcm49ODU4NTh_HQ-SIQQuNjjoCTc2ODNDDw-qMUmfODM2ODU4MjQyYxwICbQCAA0AD8EKEy4xMBMINzY4NdkAD8EKPI82MTI5NjA5MVIRCQC_AAWAAwANAA_MABQeM6UKCswADyoFQQTRAB85nQFADzIaAA_RAAsPIwUyBdIAD_wFCCBqc4grsHJ2ci5vcmcvdXBfEwhQZXIuMS7yOA-wARQfMXwCAQhVDA98AjyPNDMyNDg0NTXxIQkP2QAyDzwSACg2ONkADIkCD7gBMgTfAB822wYID98AMh8xaAMALzkyNARHBNkAHzOaMQgP2QAyD2sJAQnZAA-4AUsPdCcIJmNtbQn_BnYyL2FkdmVydGlzZXI_cmVmZXJlcksHT2FidXllcl_BHQBsLUY1OTk1IxFSZmV0Y2gtDgm2JD82NjmSCwAAFAAFagxfRkVUQ0jdOzzANDM5OTk1MDM5fV19
IP 34.242.179.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=1&c=1202&i=8veivj&p=regions-prod-b&s=15759&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPEMaHR0cHM6Ly9tYXBzLmdvb2dsZWFwaXMuY29tFABBL2FwaQkA8Ahqcy9nZW5fMjA0P2NzcF90ZXN0PXRydYsAMHR5cJwAoHhociIsInN0YXKzAMA2NjYyODI5NjU4MjGhAAAKAQoUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQDRdHVzIjoiYWxsb3dlZMAAQGFzb26_ANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM81ODU1NzYyMTM5fSzxAP8U8AhzdGF0aWNtYXA_Y2VudGVyPTM0Ljk5MMIBETkBAOEsJTIwLTkwLjAwNTA2NhMA9Ak5OSZ6b29tPTE1Jm1hcmtlcnM9aWNvbjpTAkN3d3cu6QIBTwLzB34vbWVkaWEvSW1hZ2VzL1dlYlNpdGUOAPIAYnJhbmNoLWxvY2F0b3ItUQB_LnBuZyU3Q4wAE9JzdHlsZT1odWU6JTIzAQCBJTdDc2F0dXLtAvAHOi0xMDAmc2l6ZT00MDB4NDAwJm1hcLwC8Cg9cm9hZG1hcCZrZXk9QUl6YVN5QnMwaHFZZk5Zc1lQWU90Y1pyWWxpNmowSzhCLXdPOW1jIiwiOwBiIjoiaW1ntgIM9wIfNfcCADU2LCL3AkFIVE1M_gDSX1NFVEFUVFJJQlVURUwADwIDLp81MTE3ODg1MDMCAwfxAG5leHVzLmVuc2lnaHRlbqQBA7ABEy8IAAOhBBEvdQTyF3JDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImSgIgSnPqBB89YwAYY2NvZGUvJicF8ARlZE9uPVR1ZSUyME9jdCUyMDExBQDyBzY6MDc6MzUlMjBHTVQlMjAyMDIyJkNqBSBEPWkFgSZQYWdlSUQ9hAKbJTNBJTJGJTJGigIzJTJGaAJgJTJGbWxvBgD2IG9ydGdhZ2UtbG9hbi1vZmZpY2VyLWplcnJpLWNoYW1iZXJsaW4tc291dGhhdmVu_wFic2NyaXB0tgEKAgI9NzQ5AgI3OTY0AgKwaW5zZXJ0QmVmb3JIBQA7AQH6BD9sb2H3BCGvNzIxMzMwMTk2NPUB_2keNe4GCvUBIG11bAUyb25PywcyckNMPQIC8wMP-wEtHzb7ATIBjQPwGjhlMDk5Mjg5NGVjM2E2MzdhZGYxMWUxOTMwN2JiNjViLmpzP2NvbmRpSwivSWQwPTM2NTI4NxsDETw5NjIbAzg2MDcdBQ8bAzyvNTM4NDcyNDU1NyABlB80IAEMD0YCQgUmAQ84CQjxA3NwLmFuYWx5dGljcy55YWhvbzkG8RBzcHAucGw_YT0xMDAwMCYueXA9MTAxNzU2NTgmaGU9FgphJmF1aWQ9WwYAIwsPQAcKTTYxMDMDAQEUAAVAB_ECaW1nX0RPTUF0dHJNb2RpZmksCgVFBQ8_CiefNDI4MDMwNTAzPQcI8B1hZC5kb3VibGVjbGljay5uZXQvZGRtL2FjdGl2aXR5L3NyYz05MTAwNTc2O-kAcz1wdjtjYXT-AIA7ZGNfbGF0PQgA8BNyZGlkPTt0YWdfZm9yX2NoaWxkX2RpcmVjdGVkX3RyZWF01wv2FT07dGZ1YT07bnBhPTtvcmQ9MT8yNDczNzYxODM1MDEuMTUwMXoDD5QIA082MTA2VAEACXcDD1QBRa82MDYxNDkwNTcxgQMH4mRjLmFkcy5saW5rZWRpkQj_DGNvbGxlY3QvP3BpZD02ODE1MDYmZm10PWdpZu8AEB837wAAGDeBBw_vAEafMjY0NzkzODI17wAHUGN0LnBpbQsxZXN0RAPyCXYzLz90aWQ9MjYxMzQ4MzkxNzU1NyZub2MIHz3gAREfOPEAAB848QBRnzc1Njc5NTczNYEGCAY4BDB0d2nBDQH2AOJpL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkA8AFvMXJ4dCZldmVudHM9JTVCAwDwHDIycGFnZXZpZXclMjIlMkNudWxsJTVEJTVEJnR3X3NhbGVfYW1vdW50PTARAP8Ab3JkZXJfcXVhbnRpdHk9hQQRDcMJTzYxMDlRAVGfNjc2Nzg5MDU0zQkIADcCHy9AAYouMTCRAgAUAA_FBVB_NTAzNDM5NnEECTBwdWJxBB1nywUExwXBO3hzcD00OTU4ODAzdgX_AjkzOTUyMDk2OTU2OTgyNjg_hQQPHjHrCBAxFAAPAwFPnzgyMDUwOTkzOMgGCHJpYi5hZG548RHxFHBpeGllP3BpPThkNWYzODlhLTJjMGMtNGM2Zi1iYzc4LTQ0DQqAMDg5MGUmZT1tDVNWaWV3JqIED1EDEB0xFg8gNjEUAA8OAVGPMzI2Mzg0MDKTBQeRcHhsLmppdm94mgThdGFncy9jb252L3B4cmX1DvsNcHg9MjYwMTlhZGVjNTc1NjAmdXNfcHJpdmFjeQ8TD4QHBR8xpAUAABQADwIBT580NDQ0MjAzMjiEBwgPAgEAIHJlAAEUYwAB8BEwNjAzNDI0YmQ5OTA0YSZyZXQ9aW1nJmNEYXRhPVVuaSAVMGFsXxwCEV8dAg8iAR8PdQUAHzF1BVKfNDcwMjIzMzg0MgMID9QQAfALZXJyb3IvZS5naWY_bXNnPUludmFsaWQlMjCuFAAHAEFlZmluKQ1xJTIwdXNlZJwQ-wEwNTk4NTcmbG5uPTU0JmZutxAPagAAMSUyRkALJm5zCgADpRE1JTJGiRFyLmpzJmNpZBMRAosWAnoKJG5zYxEBoBEDTAADQgCAJnJpZD0tMSaRCjEtMSbVAFBOYW1lPdsBFUTCAFBFeGNlcPQND_wEDw77FSA2MRQAD-wCT583MDk1MjY4MzPuAwgPYAEABPkSBAgAAxoBES8RD_0RYWNlZjkwZDZmYjY2NWNhYzdmMmZiYzdiM2IwZDhiOGERD2Y0MjMwMjYnAQInBQLvDwosEi85NikHAB80LBJInzY1NzA2MDA1NaEKCA8gAXoPDg4ACSABDxEPQgUmAR84NAYHoWRwbS5kZW1kZXgGDvIiaWQ_ZF92aXNpZF92ZXI9NC40LjAmZF9maWVsZGdyb3VwPU1DJmRfcnRiZD1qc29uJigAEjIIAPApaWZ5PTEmZF9vcmdpZD1EQjk2Mzk3MjVCRDJGQzVCMEE0OTVDNjUlNDBBZG9iZU9yZyZkX25zaWTgCjRzPTFhGUY2MjUzdwIPmRkDACQADZ0JKDI1dAIfWJkZPZ80NzUzMTE4MDjVCggPUAGoDrURD1ABVQ_GAwgA_RYC2RuhdGFnbWFuYWdlct8I9AtndGFnL2pzP2lkPUFXLTEwMTM1MzY0MDYmbCwGAPgFQExheWXYGwDFED8iOiLDBAY-NjEw2wkpMje3Bw_vFjuvNTE5MTg0Njc4MJ0DBw_9AFYeM2sQCv0AD6AEQgMDAS84MeYGCLFsaXZlLnJlenluY_cB9D5zeW5jP2M9MTZiNjQxMDQzMWI2Mzc0ZTc4MDEwNGFiYjA0NDNjYTgmcD0yZjUyMmYyY2JjMGZlY2ViYWRkMjBmOTYxYWFiZGIxMyZrPUEI9AZiYW5rLXBpeGVsLTgyMTkmem1wSURHAhAtHgCgJmNhY2hlX2J1c18cAIcLwTk1NjMwNzU1MTg1NbgZMlVybAIJMDovL7kBA10AAbYAA7EZby9tbG8vba0ZPz42MTG9AygzNSwSAN8aMG5kQ6ATAsIHD7EXKmA2Njc4NzUDAQ-9AgcPugH_Fg54BA-6AVIPxAYID7oB_xUeNPUKCroBDzUFQgR7Ay84OXsDBwB_BA81BxB_OTU5NTgxODQHAkcmY3g9JyAPOQcHLjI2EhAvMzY5B0ifNjMwNTkwODc1wgIIDwEBWh43PQcKAQEPCAJDAwcBHzbtDwgPYhWQDXAeRzYzODCiFg-4BjsUNFcVD3IICA81AY8eM2ISCjUBD3ECQgM8AS83MLEKCPMDcGVvcGxlLmFwaS5ib29tdHJhCRvwAmlkZW50aWZ5L3Jlc29sdmU_WhL0mD1leUpqYjI5cmFXVWlPbnNpWW5OcGJpSTZJaUo5TENKeGRXVnllWE4wY21sdVp5STZlMzBzSW1WNGRHVnlibUZzWDJsa2N5STZleUo2ZVc1aklqb2lPR1F3WlRNek9EZ3RaR014WlMwMFpUWm1MVGszTWpNdE5HSTVZbU5pWW1JNU56UmxPakUyTmpZeU9ESTVOVFV1TXpNek5qQXlJbjE5JnNpdGVf9h0hbnMLCg-aDg4uNDaoHAEUAAU4Eg-aDj-PNTk3MzU1NzUVBggPnAH_ijtjZG4xA0VwMTNuxxMAggwQLxIAdi5taW4uanODAg-YBwcuMzW6GRA0rAcFhgIPpSI9ETGgGB8xohgJD-gAQg9uAwEINh4PDgVCFDXuAA8yHggPghQBAZcWD2wX_wEeNAkIGTXOEwzGARhBxw4BVgEPay0gBGgXHzUQCAgPXC4KALAjD3os_z4OTwsQNXEnBbgEDwoCCg-CKCQUNXIsD4sUCEBwLnRlcR8xdHYvCQAwLWZl5C8PkAUULjEx2AAfNpAFSo82NTcyNTM1MqIECA_TACwPAg8AGTb7DQ-rAUID2AAfNOwICQ-rASsPjQQAD9gACw8GKzITNdkAHzVhCwiBYmF0LmJpbmdWFADoIfAJb24vMD90aT0yMTAxMTI4MiZWZXI9MiZtPx3wFWQzNmNhNGEtYmIyNS00MTY2LThjYjMtMTY4MjFiMDk3Yjk4Jn4ZcDZlYmY2YjBvIfAIMzExZWQ4ZmMwZmZmM2Y2MDBhNGNkJna-JgAlACUzYyUA8AFhNzNiMzM1OTY2OGU1ZDg0JQD0J3M9MSZtc2Nsa2lkPU4mcGk9MCZsZz1lbi1VUyZzdz0xMjgwJnNoPTEwMjQmc2M9MjQmdGw9U5YuQyUyME0cFfAEJTIwTGVuZGVyJTIwJTdDJTIwSs0uRSUyMEPPLgUbAAMxND8ma3dMADcScMsVAegeD4QvQ_ABJnI9Jmx0PTI3OTMmZXZ0PQsm9wNMb2FkJnN2PTEmcm49ODU4NTh_HQ-SIQQuNjjoCTc2ODNDDw-qMUmfODM2ODU4MjQyYxwICbQCAA0AD8EKEy4xMBMINzY4NdkAD8EKPI82MTI5NjA5MVIRCQC_AAWAAwANAA_MABQeM6UKCswADyoFQQTRAB85nQFADzIaAA_RAAsPIwUyBdIAD_wFCCBqc4grsHJ2ci5vcmcvdXBfEwhQZXIuMS7yOA-wARQfMXwCAQhVDA98AjyPNDMyNDg0NTXxIQkP2QAyDzwSACg2ONkADIkCD7gBMgTfAB822wYID98AMh8xaAMALzkyNARHBNkAHzOaMQgP2QAyD2sJAQnZAA-4AUsPdCcIJmNtbQn_BnYyL2FkdmVydGlzZXI_cmVmZXJlcksHT2FidXllcl_BHQBsLUY1OTk1IxFSZmV0Y2gtDgm2JD82NjmSCwAAFAAFagxfRkVUQ0jdOzzANDM5OTk1MDM5fV19 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 16:22:37 GMT
expires: Thu, 20 Oct 2022 16:22:36 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=1202&i=8veivj&p=regions-prod-b&s=14939&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPQoaHR0cHM6Ly8yMDgzOTIxOHAucmZpaHViLmNvbS9jYS5odG1sP3Zlcj05JnJiPTQ2MTIxJmNhPS8AcSZjdXN0MT1GANMlM0ElMkYlMkZ3d3cu4gAARwBvJTJGJnBlJAAO0GxvY2F0b3IlMkZtbG8GAPA-b3J0Z2FnZS1sb2FuLW9mZmljZXItamVycmktY2hhbWJlcmxpbi1zb3V0aGF2ZW4mcGY9JnJhPTg4MTkyODk4MDU1NTI3MDciLCJ0eXA9AVBpZnJhbTwBQHN0YXJXAaA2NjYyODI5NjY3owEgZW6uAQoUAFZzb3VyYzwA8RJfRE9NQXR0ck1vZGlmaWVkIiwic3RhdHVzIjoiYWxsb3cTAGByZWFzb25uAdRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlxAM80MjQ1ODgxNTIzfSygAQUkYzGZAfYBbmV0L2pzL3RjLm1pbi5qc-AAYnNjcmlwdJQACuAAMDM1NSUCAm8ABfQANjUsIuAAo25zZXJ0QmVmb3IiAQLWADBsb2HmAA_TAB2vNjcwMTc0MzcxMtMARx820wAMMW11dOYCEk80AyJyQRoBD9gAMw-rAUgfN9gAHC9DTNkAOR80sQEIsHQucGludGVyZXN02QPyCi92My8_dGlkPTI2MTM0ODM5MTc1NTcmbm-JAiY9MZsCMmltZ6UACpgCPjEwOe0AJzExmAKgYXBwZW5kQ2hpbIcCBW0DD5cCJK83NTY3OTU3MzU35gBaLzM45gAMDKsCD9MBMgTtAC84Nu0ACKFkbi5idHRyYWNr0gH2B2pzLzQ0OTExL2FuYWx5dGljcy8xLjAOAA90BBgvMTH2AAAnMjbcAR9pdAQ7rzU3NTEzNDQ3NjnwAGMuNDHmAQnwAA_mAUIE9gAfOWoFCfABb25uZWN0LmZhY2Vib29rLkQG72VuX1VTL2ZiZXZlbnRzSQYUHzEpBwEfNEkGSJ80NDA4ODkyODWYBAkP3wA3HzN9BQAJ3wAPxAFCBOUAHzi6AgiBYmF0LmJpbmenAyBhY78J8rQvMD90aT0yMTAxMTI4MiZWZXI9MiZtaWQ9MWQzNmNhNGEtYmIyNS00MTY2LThjYjMtMTY4MjFiMDk3Yjk4JnNpZD02ZWJmNmIwMDUwOTMxMWVkOGZjMGZmZjNmNjAwYTRjZCZ2aWQ9NmViZjYzYzA1MDkzMTFlZGE3M2IzMzU5NjY4ZTVkODQmdmlkcz0xJm1zY2xraWQ9TiZwaT0wJmxnPWVuLVVTJnN3PTEyODAmc2g9MTAyNCZzYz0yNCZ0bD1Tb3W7CUMlMjBN7gnwBCUyMExlbmRlciUyMCU3QyUyMEryCUUlMjBD9AkFGwAD6QpPJmt3PUwANh9wqQpP_xdyPSZsdD0yNzkzJmV2dD1wYWdlTG9hZCZzdj0xJnJuPTg1ODU4Nj0HDj42ODRxBBg0YQUPrQILUWVycm9yHgwPrwobrzgzNjg1ODI0MzBoBQcPrgL__wMPgwwAD64CCgmwCw-tAi4fMa0CB4FpYi5hZG54c1sF8ypwaXhpZT9waT04ZDVmMzg5YS0yYzBjLTRjNmYtYmM3OC00NDRlYzNhMDg5MGUmZT1QYWdlVmlldyb1CgD9DxN0cA4P9QoEHzG6DAAfNfUKR584MjMyNjM4NDC0DAgPAwFdLjQwuwQJAwEPuwQLD_8LJAQKAR8y_wsI8gRwdWJhZHMuZy5kb3VibGVjbGljMAkAdAf_F3ZpdHk7eHNwPTQ5NTg4MDM7b3JkPTkzOTUyMDk2OTU2OTgyNjg_ugUOPzExMv8AABcyGwsP9ww7IDgy4gc_OTM4AgIID_gAUx8z-ABjDz0KCA_4AFIfM-cOABg18AEP7wJEAfcBLzQxqQcIsXBpeGVsLnF1YW50WhQEBAXxC2VsO3I9NjI1NjE0NzA2O2xhYmVscz1fZnAuMAwULvcEETsPAP8UPXJlZnJlc2g7cmY9MzthPXAtQU15N3cyeTduelJnMzt1cmxXCU7QO3VodD0yO2ZwYW49MQcAYD1QMC0yMJIDZjk2NTQtMdoT8AY3NjtwYmM9O25zPTA7Y2U9MTtxanMGAOF2PTdhMWNiYTE0LTIwMloL9woxMzE3MzY7Y209O2dkcHI9MDtyZWY9O2Q94hSoO2RzdD0wO2V0PWUAwDU7dHpvPTA7b2dsPd0UMWxlLnQN0yUyQ3NpdGVfbmFtZS7DCnBCYW5rJTJDOQb_Ai5hcnRpY2xlJTJDVGl0bGUu2wo1UiUyQ2RlpgZQaW9uLkxBFmBuZyUyMGZ2FWYwYSUyMG2GCxRshgtWaW4lMjCEAC8zRpQLBVNhdCUyMNAAMiUyMNMAvTBjYW4lMkN1cmwuJRZTJTI1MkVHAQEMAGBjb20lMkYsAQ8JFg8BFwwWLRUMES2jAI8lMkNpbWFnZW0AFhAtahaAZWRpYSUyRkk6ALVzJTJGV2ViU2l0ZRAAA6QAUS1sb2dvqQCgcG5nJTNGcmV2aQsY8BIlM0QwO3Nlcz03ZDQyODhkOS1lODQ0LTQ4MjAtYWUyMS0cBo9kNDI3Yjc2NB0GDi83NzgRAAAUAAasFS9tZ4kWRX84NTk1ODY4MAUIbHNlY3VyZTIEAUEED0QQFR8xuAwAGDgACQ8ZEjyvNzQzMDcyODQ3OAQKBw_XADAP5QUBCdcADOUFCeEKD9MIJAPcAB813QkJD9wAMA-wCQEP3AAKD8IUMwK5AS81MJACCG9nb29nbGWzCQMAWg_zAmFkL3ZpZXd0aHJvdWdoY29uwBv4BC8xMDEzNTM2NDA2Lz9yYW5kb22-Bak5OSZjdj05JmZz1QXxADk5Jm51bT0xJmZtdD0zJhcH8Qs9RjBrUUNJV0lncVlCRUphdHBlTUQmYmc9ZgEA8QAmZ3VpZD1PTiZyZXNwPUevAOJtS1R5YlFoQ3NPJnVfaBcRMnVfdygRMHVfYRMAZTAyJnVfYRQAIGNkNhFAdV9oaWwR8Qx1X3R6PTAmdV9qYXZhPWZhbHNlJnVfbnBsdWcXAPANbm1pbWU9MCZndG09Mm9hYWgwJnNlbmRiPTEmaSIAAJYaET27BzYlM0QVAUAmZnJtQAAPrwdQXyZ0aWJhtxE3EGFlAWAyMDU4OTYAHBYuiQcABAGQX2VlPTEmaG49mxwCMgIA6QiiJmdjcD0xJmN0X04d_wFfcHJlc2VudD0xJmFzeW5jwhgQLjgwzQQBFAAPrgVPnzc0NTU4OTIzOdYLCArwABMvEQMG8QERX-gAD7kFFC4yN-IWKDgwcRIPuQU8nzUyMjU3MzIwORgVCA_iADwOABYK4gAMxAUP6AQyA-gAPzEwNaEGBw_oADovMza2AgAnMTCBDg_KAUMfMaYYCQ_iADwORgkZOOIAD8oBSh85dBsIAOgAcHlvdXR1YmWFBBIvlyBGX2FwaRwKAqcLDzMdAh4zPBAQOFAQBXEEDzwQO580MzQ3MTc4NTTSAEgOFhAP0gBSDwYSCA-kASwPCxwACtIADH0CDwsKMQSqAR81RgQMD3wCKB80fAIBFzM3BAzYAA8fBTIF2QAPgwIICXEYIHAvrRMxb24vwg8_Mjgy4QYULzY34AAAGDPeHA9cAzt_ODQyNjYwM0oZFw_ZACYPKxoAGTjZAA-5AUIE4AAfNJweCAVpIEAudHdpJyUCFAXSL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkAYW8xcnh0JskKUHM9JTVCAwAgMjLnCAD1C_ASJTIyJTJDbnVsbCU1RCU1RCZ0d19zYWxlX2Ftb3VudD0wEQBhb3JkZXJfwQ5PaXR5PcAXEQ69Fjc4OTQGAw8mAjufNjc2Nzg5MDU02AMID0YBoA8VIwAKRgEMkwIPJAUxBEwBHzc0CwgPTAGhDmAWD0wBCw-YBTIFTQEPnw8ID2AW____gx84vwYBCOUID3kFQSM0MlsWD8QJCAx1C6BzL3BsYXllci8yfh_7CThiZC93d3ctd2lkZ2V0YXBpLnZmbHNldBUADxEtExA4ZSoL8S0QOY0qBUYNDwEPPJ82MzA2MjU0MzYLCQgPAAFaDuoKCgABDAUCDzIGMwQGAQ9_BwhScnVsZXNgGBBjpgkBEAoBFQAbLVccD9YLFC43Nx4HLzkztxJJjzA2MTI2MDU0GAcIAdEAD-YAOgCPFwzSAgnmAA_SAUIUNewAD9gDCDF0LnShFzF0di9qLBI_ng0B-SYBOyPzAGVudj1qcy13ZWImdGFnX6IX8QY9Ni43LjBfOGFlNDU3MCZidXllcl9QCAD6C881OTk1JnJlZmVyZXJcHk4RJnkMMHNlc-8bAH4A4GUxNjFjNDkwLTEwNTUtvzH2Ay1iMDE4LTJlOThhNTAwNWRlN84RD_4uBB85AwsAEDlGGgaFBA_qG0WfNTEwMDI0NTYzjwQMBiwXBDwWMDFwLQ0BEC3GMg9EGQ0cNEQZMDE2MAEAA0QZDiMZDw0ZXgkIGTBndGFfK09uZmlnCRmoArkYA6EaYGlzX3Z0Y1cqAuIarzI5NTE2NjgyODmPGgT_AHJtdF90bGQ9MCZpcHI9ecQCDx40vRMQORQAD8QCT584MDYwMDMzOTd7BAgAUwcDxAIvbm_DAv_dHzHDAhYODRkoOTTQER9phwVF0DYyMjEyOTgyOTZ9XX0
34.242.179.188204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=1202&i=8veivj&p=regions-prod-b&s=14939&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPQoaHR0cHM6Ly8yMDgzOTIxOHAucmZpaHViLmNvbS9jYS5odG1sP3Zlcj05JnJiPTQ2MTIxJmNhPS8AcSZjdXN0MT1GANMlM0ElMkYlMkZ3d3cu4gAARwBvJTJGJnBlJAAO0GxvY2F0b3IlMkZtbG8GAPA-b3J0Z2FnZS1sb2FuLW9mZmljZXItamVycmktY2hhbWJlcmxpbi1zb3V0aGF2ZW4mcGY9JnJhPTg4MTkyODk4MDU1NTI3MDciLCJ0eXA9AVBpZnJhbTwBQHN0YXJXAaA2NjYyODI5NjY3owEgZW6uAQoUAFZzb3VyYzwA8RJfRE9NQXR0ck1vZGlmaWVkIiwic3RhdHVzIjoiYWxsb3cTAGByZWFzb25uAdRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlxAM80MjQ1ODgxNTIzfSygAQUkYzGZAfYBbmV0L2pzL3RjLm1pbi5qc-AAYnNjcmlwdJQACuAAMDM1NSUCAm8ABfQANjUsIuAAo25zZXJ0QmVmb3IiAQLWADBsb2HmAA_TAB2vNjcwMTc0MzcxMtMARx820wAMMW11dOYCEk80AyJyQRoBD9gAMw-rAUgfN9gAHC9DTNkAOR80sQEIsHQucGludGVyZXN02QPyCi92My8_dGlkPTI2MTM0ODM5MTc1NTcmbm-JAiY9MZsCMmltZ6UACpgCPjEwOe0AJzExmAKgYXBwZW5kQ2hpbIcCBW0DD5cCJK83NTY3OTU3MzU35gBaLzM45gAMDKsCD9MBMgTtAC84Nu0ACKFkbi5idHRyYWNr0gH2B2pzLzQ0OTExL2FuYWx5dGljcy8xLjAOAA90BBgvMTH2AAAnMjbcAR9pdAQ7rzU3NTEzNDQ3NjnwAGMuNDHmAQnwAA_mAUIE9gAfOWoFCfABb25uZWN0LmZhY2Vib29rLkQG72VuX1VTL2ZiZXZlbnRzSQYUHzEpBwEfNEkGSJ80NDA4ODkyODWYBAkP3wA3HzN9BQAJ3wAPxAFCBOUAHzi6AgiBYmF0LmJpbmenAyBhY78J8rQvMD90aT0yMTAxMTI4MiZWZXI9MiZtaWQ9MWQzNmNhNGEtYmIyNS00MTY2LThjYjMtMTY4MjFiMDk3Yjk4JnNpZD02ZWJmNmIwMDUwOTMxMWVkOGZjMGZmZjNmNjAwYTRjZCZ2aWQ9NmViZjYzYzA1MDkzMTFlZGE3M2IzMzU5NjY4ZTVkODQmdmlkcz0xJm1zY2xraWQ9TiZwaT0wJmxnPWVuLVVTJnN3PTEyODAmc2g9MTAyNCZzYz0yNCZ0bD1Tb3W7CUMlMjBN7gnwBCUyMExlbmRlciUyMCU3QyUyMEryCUUlMjBD9AkFGwAD6QpPJmt3PUwANh9wqQpP_xdyPSZsdD0yNzkzJmV2dD1wYWdlTG9hZCZzdj0xJnJuPTg1ODU4Nj0HDj42ODRxBBg0YQUPrQILUWVycm9yHgwPrwobrzgzNjg1ODI0MzBoBQcPrgL__wMPgwwAD64CCgmwCw-tAi4fMa0CB4FpYi5hZG54c1sF8ypwaXhpZT9waT04ZDVmMzg5YS0yYzBjLTRjNmYtYmM3OC00NDRlYzNhMDg5MGUmZT1QYWdlVmlldyb1CgD9DxN0cA4P9QoEHzG6DAAfNfUKR584MjMyNjM4NDC0DAgPAwFdLjQwuwQJAwEPuwQLD_8LJAQKAR8y_wsI8gRwdWJhZHMuZy5kb3VibGVjbGljMAkAdAf_F3ZpdHk7eHNwPTQ5NTg4MDM7b3JkPTkzOTUyMDk2OTU2OTgyNjg_ugUOPzExMv8AABcyGwsP9ww7IDgy4gc_OTM4AgIID_gAUx8z-ABjDz0KCA_4AFIfM-cOABg18AEP7wJEAfcBLzQxqQcIsXBpeGVsLnF1YW50WhQEBAXxC2VsO3I9NjI1NjE0NzA2O2xhYmVscz1fZnAuMAwULvcEETsPAP8UPXJlZnJlc2g7cmY9MzthPXAtQU15N3cyeTduelJnMzt1cmxXCU7QO3VodD0yO2ZwYW49MQcAYD1QMC0yMJIDZjk2NTQtMdoT8AY3NjtwYmM9O25zPTA7Y2U9MTtxanMGAOF2PTdhMWNiYTE0LTIwMloL9woxMzE3MzY7Y209O2dkcHI9MDtyZWY9O2Q94hSoO2RzdD0wO2V0PWUAwDU7dHpvPTA7b2dsPd0UMWxlLnQN0yUyQ3NpdGVfbmFtZS7DCnBCYW5rJTJDOQb_Ai5hcnRpY2xlJTJDVGl0bGUu2wo1UiUyQ2RlpgZQaW9uLkxBFmBuZyUyMGZ2FWYwYSUyMG2GCxRshgtWaW4lMjCEAC8zRpQLBVNhdCUyMNAAMiUyMNMAvTBjYW4lMkN1cmwuJRZTJTI1MkVHAQEMAGBjb20lMkYsAQ8JFg8BFwwWLRUMES2jAI8lMkNpbWFnZW0AFhAtahaAZWRpYSUyRkk6ALVzJTJGV2ViU2l0ZRAAA6QAUS1sb2dvqQCgcG5nJTNGcmV2aQsY8BIlM0QwO3Nlcz03ZDQyODhkOS1lODQ0LTQ4MjAtYWUyMS0cBo9kNDI3Yjc2NB0GDi83NzgRAAAUAAasFS9tZ4kWRX84NTk1ODY4MAUIbHNlY3VyZTIEAUEED0QQFR8xuAwAGDgACQ8ZEjyvNzQzMDcyODQ3OAQKBw_XADAP5QUBCdcADOUFCeEKD9MIJAPcAB813QkJD9wAMA-wCQEP3AAKD8IUMwK5AS81MJACCG9nb29nbGWzCQMAWg_zAmFkL3ZpZXd0aHJvdWdoY29uwBv4BC8xMDEzNTM2NDA2Lz9yYW5kb22-Bak5OSZjdj05JmZz1QXxADk5Jm51bT0xJmZtdD0zJhcH8Qs9RjBrUUNJV0lncVlCRUphdHBlTUQmYmc9ZgEA8QAmZ3VpZD1PTiZyZXNwPUevAOJtS1R5YlFoQ3NPJnVfaBcRMnVfdygRMHVfYRMAZTAyJnVfYRQAIGNkNhFAdV9oaWwR8Qx1X3R6PTAmdV9qYXZhPWZhbHNlJnVfbnBsdWcXAPANbm1pbWU9MCZndG09Mm9hYWgwJnNlbmRiPTEmaSIAAJYaET27BzYlM0QVAUAmZnJtQAAPrwdQXyZ0aWJhtxE3EGFlAWAyMDU4OTYAHBYuiQcABAGQX2VlPTEmaG49mxwCMgIA6QiiJmdjcD0xJmN0X04d_wFfcHJlc2VudD0xJmFzeW5jwhgQLjgwzQQBFAAPrgVPnzc0NTU4OTIzOdYLCArwABMvEQMG8QERX-gAD7kFFC4yN-IWKDgwcRIPuQU8nzUyMjU3MzIwORgVCA_iADwOABYK4gAMxAUP6AQyA-gAPzEwNaEGBw_oADovMza2AgAnMTCBDg_KAUMfMaYYCQ_iADwORgkZOOIAD8oBSh85dBsIAOgAcHlvdXR1YmWFBBIvlyBGX2FwaRwKAqcLDzMdAh4zPBAQOFAQBXEEDzwQO580MzQ3MTc4NTTSAEgOFhAP0gBSDwYSCA-kASwPCxwACtIADH0CDwsKMQSqAR81RgQMD3wCKB80fAIBFzM3BAzYAA8fBTIF2QAPgwIICXEYIHAvrRMxb24vwg8_Mjgy4QYULzY34AAAGDPeHA9cAzt_ODQyNjYwM0oZFw_ZACYPKxoAGTjZAA-5AUIE4AAfNJweCAVpIEAudHdpJyUCFAXSL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkAYW8xcnh0JskKUHM9JTVCAwAgMjLnCAD1C_ASJTIyJTJDbnVsbCU1RCU1RCZ0d19zYWxlX2Ftb3VudD0wEQBhb3JkZXJfwQ5PaXR5PcAXEQ69Fjc4OTQGAw8mAjufNjc2Nzg5MDU02AMID0YBoA8VIwAKRgEMkwIPJAUxBEwBHzc0CwgPTAGhDmAWD0wBCw-YBTIFTQEPnw8ID2AW____gx84vwYBCOUID3kFQSM0MlsWD8QJCAx1C6BzL3BsYXllci8yfh_7CThiZC93d3ctd2lkZ2V0YXBpLnZmbHNldBUADxEtExA4ZSoL8S0QOY0qBUYNDwEPPJ82MzA2MjU0MzYLCQgPAAFaDuoKCgABDAUCDzIGMwQGAQ9_BwhScnVsZXNgGBBjpgkBEAoBFQAbLVccD9YLFC43Nx4HLzkztxJJjzA2MTI2MDU0GAcIAdEAD-YAOgCPFwzSAgnmAA_SAUIUNewAD9gDCDF0LnShFzF0di9qLBI_ng0B-SYBOyPzAGVudj1qcy13ZWImdGFnX6IX8QY9Ni43LjBfOGFlNDU3MCZidXllcl9QCAD6C881OTk1JnJlZmVyZXJcHk4RJnkMMHNlc-8bAH4A4GUxNjFjNDkwLTEwNTUtvzH2Ay1iMDE4LTJlOThhNTAwNWRlN84RD_4uBB85AwsAEDlGGgaFBA_qG0WfNTEwMDI0NTYzjwQMBiwXBDwWMDFwLQ0BEC3GMg9EGQ0cNEQZMDE2MAEAA0QZDiMZDw0ZXgkIGTBndGFfK09uZmlnCRmoArkYA6EaYGlzX3Z0Y1cqAuIarzI5NTE2NjgyODmPGgT_AHJtdF90bGQ9MCZpcHI9ecQCDx40vRMQORQAD8QCT584MDYwMDMzOTd7BAgAUwcDxAIvbm_DAv_dHzHDAhYODRkoOTTQER9phwVF0DYyMjEyOTgyOTZ9XX0
IP 34.242.179.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=2&c=1202&i=8veivj&p=regions-prod-b&s=14939&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPQoaHR0cHM6Ly8yMDgzOTIxOHAucmZpaHViLmNvbS9jYS5odG1sP3Zlcj05JnJiPTQ2MTIxJmNhPS8AcSZjdXN0MT1GANMlM0ElMkYlMkZ3d3cu4gAARwBvJTJGJnBlJAAO0GxvY2F0b3IlMkZtbG8GAPA-b3J0Z2FnZS1sb2FuLW9mZmljZXItamVycmktY2hhbWJlcmxpbi1zb3V0aGF2ZW4mcGY9JnJhPTg4MTkyODk4MDU1NTI3MDciLCJ0eXA9AVBpZnJhbTwBQHN0YXJXAaA2NjYyODI5NjY3owEgZW6uAQoUAFZzb3VyYzwA8RJfRE9NQXR0ck1vZGlmaWVkIiwic3RhdHVzIjoiYWxsb3cTAGByZWFzb25uAdRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlxAM80MjQ1ODgxNTIzfSygAQUkYzGZAfYBbmV0L2pzL3RjLm1pbi5qc-AAYnNjcmlwdJQACuAAMDM1NSUCAm8ABfQANjUsIuAAo25zZXJ0QmVmb3IiAQLWADBsb2HmAA_TAB2vNjcwMTc0MzcxMtMARx820wAMMW11dOYCEk80AyJyQRoBD9gAMw-rAUgfN9gAHC9DTNkAOR80sQEIsHQucGludGVyZXN02QPyCi92My8_dGlkPTI2MTM0ODM5MTc1NTcmbm-JAiY9MZsCMmltZ6UACpgCPjEwOe0AJzExmAKgYXBwZW5kQ2hpbIcCBW0DD5cCJK83NTY3OTU3MzU35gBaLzM45gAMDKsCD9MBMgTtAC84Nu0ACKFkbi5idHRyYWNr0gH2B2pzLzQ0OTExL2FuYWx5dGljcy8xLjAOAA90BBgvMTH2AAAnMjbcAR9pdAQ7rzU3NTEzNDQ3NjnwAGMuNDHmAQnwAA_mAUIE9gAfOWoFCfABb25uZWN0LmZhY2Vib29rLkQG72VuX1VTL2ZiZXZlbnRzSQYUHzEpBwEfNEkGSJ80NDA4ODkyODWYBAkP3wA3HzN9BQAJ3wAPxAFCBOUAHzi6AgiBYmF0LmJpbmenAyBhY78J8rQvMD90aT0yMTAxMTI4MiZWZXI9MiZtaWQ9MWQzNmNhNGEtYmIyNS00MTY2LThjYjMtMTY4MjFiMDk3Yjk4JnNpZD02ZWJmNmIwMDUwOTMxMWVkOGZjMGZmZjNmNjAwYTRjZCZ2aWQ9NmViZjYzYzA1MDkzMTFlZGE3M2IzMzU5NjY4ZTVkODQmdmlkcz0xJm1zY2xraWQ9TiZwaT0wJmxnPWVuLVVTJnN3PTEyODAmc2g9MTAyNCZzYz0yNCZ0bD1Tb3W7CUMlMjBN7gnwBCUyMExlbmRlciUyMCU3QyUyMEryCUUlMjBD9AkFGwAD6QpPJmt3PUwANh9wqQpP_xdyPSZsdD0yNzkzJmV2dD1wYWdlTG9hZCZzdj0xJnJuPTg1ODU4Nj0HDj42ODRxBBg0YQUPrQILUWVycm9yHgwPrwobrzgzNjg1ODI0MzBoBQcPrgL__wMPgwwAD64CCgmwCw-tAi4fMa0CB4FpYi5hZG54c1sF8ypwaXhpZT9waT04ZDVmMzg5YS0yYzBjLTRjNmYtYmM3OC00NDRlYzNhMDg5MGUmZT1QYWdlVmlldyb1CgD9DxN0cA4P9QoEHzG6DAAfNfUKR584MjMyNjM4NDC0DAgPAwFdLjQwuwQJAwEPuwQLD_8LJAQKAR8y_wsI8gRwdWJhZHMuZy5kb3VibGVjbGljMAkAdAf_F3ZpdHk7eHNwPTQ5NTg4MDM7b3JkPTkzOTUyMDk2OTU2OTgyNjg_ugUOPzExMv8AABcyGwsP9ww7IDgy4gc_OTM4AgIID_gAUx8z-ABjDz0KCA_4AFIfM-cOABg18AEP7wJEAfcBLzQxqQcIsXBpeGVsLnF1YW50WhQEBAXxC2VsO3I9NjI1NjE0NzA2O2xhYmVscz1fZnAuMAwULvcEETsPAP8UPXJlZnJlc2g7cmY9MzthPXAtQU15N3cyeTduelJnMzt1cmxXCU7QO3VodD0yO2ZwYW49MQcAYD1QMC0yMJIDZjk2NTQtMdoT8AY3NjtwYmM9O25zPTA7Y2U9MTtxanMGAOF2PTdhMWNiYTE0LTIwMloL9woxMzE3MzY7Y209O2dkcHI9MDtyZWY9O2Q94hSoO2RzdD0wO2V0PWUAwDU7dHpvPTA7b2dsPd0UMWxlLnQN0yUyQ3NpdGVfbmFtZS7DCnBCYW5rJTJDOQb_Ai5hcnRpY2xlJTJDVGl0bGUu2wo1UiUyQ2RlpgZQaW9uLkxBFmBuZyUyMGZ2FWYwYSUyMG2GCxRshgtWaW4lMjCEAC8zRpQLBVNhdCUyMNAAMiUyMNMAvTBjYW4lMkN1cmwuJRZTJTI1MkVHAQEMAGBjb20lMkYsAQ8JFg8BFwwWLRUMES2jAI8lMkNpbWFnZW0AFhAtahaAZWRpYSUyRkk6ALVzJTJGV2ViU2l0ZRAAA6QAUS1sb2dvqQCgcG5nJTNGcmV2aQsY8BIlM0QwO3Nlcz03ZDQyODhkOS1lODQ0LTQ4MjAtYWUyMS0cBo9kNDI3Yjc2NB0GDi83NzgRAAAUAAasFS9tZ4kWRX84NTk1ODY4MAUIbHNlY3VyZTIEAUEED0QQFR8xuAwAGDgACQ8ZEjyvNzQzMDcyODQ3OAQKBw_XADAP5QUBCdcADOUFCeEKD9MIJAPcAB813QkJD9wAMA-wCQEP3AAKD8IUMwK5AS81MJACCG9nb29nbGWzCQMAWg_zAmFkL3ZpZXd0aHJvdWdoY29uwBv4BC8xMDEzNTM2NDA2Lz9yYW5kb22-Bak5OSZjdj05JmZz1QXxADk5Jm51bT0xJmZtdD0zJhcH8Qs9RjBrUUNJV0lncVlCRUphdHBlTUQmYmc9ZgEA8QAmZ3VpZD1PTiZyZXNwPUevAOJtS1R5YlFoQ3NPJnVfaBcRMnVfdygRMHVfYRMAZTAyJnVfYRQAIGNkNhFAdV9oaWwR8Qx1X3R6PTAmdV9qYXZhPWZhbHNlJnVfbnBsdWcXAPANbm1pbWU9MCZndG09Mm9hYWgwJnNlbmRiPTEmaSIAAJYaET27BzYlM0QVAUAmZnJtQAAPrwdQXyZ0aWJhtxE3EGFlAWAyMDU4OTYAHBYuiQcABAGQX2VlPTEmaG49mxwCMgIA6QiiJmdjcD0xJmN0X04d_wFfcHJlc2VudD0xJmFzeW5jwhgQLjgwzQQBFAAPrgVPnzc0NTU4OTIzOdYLCArwABMvEQMG8QERX-gAD7kFFC4yN-IWKDgwcRIPuQU8nzUyMjU3MzIwORgVCA_iADwOABYK4gAMxAUP6AQyA-gAPzEwNaEGBw_oADovMza2AgAnMTCBDg_KAUMfMaYYCQ_iADwORgkZOOIAD8oBSh85dBsIAOgAcHlvdXR1YmWFBBIvlyBGX2FwaRwKAqcLDzMdAh4zPBAQOFAQBXEEDzwQO580MzQ3MTc4NTTSAEgOFhAP0gBSDwYSCA-kASwPCxwACtIADH0CDwsKMQSqAR81RgQMD3wCKB80fAIBFzM3BAzYAA8fBTIF2QAPgwIICXEYIHAvrRMxb24vwg8_Mjgy4QYULzY34AAAGDPeHA9cAzt_ODQyNjYwM0oZFw_ZACYPKxoAGTjZAA-5AUIE4AAfNJweCAVpIEAudHdpJyUCFAXSL2Fkc2N0P3BfaWQ9VBkAcCZwX3VzZXISAFAwJnR4bgkAYW8xcnh0JskKUHM9JTVCAwAgMjLnCAD1C_ASJTIyJTJDbnVsbCU1RCU1RCZ0d19zYWxlX2Ftb3VudD0wEQBhb3JkZXJfwQ5PaXR5PcAXEQ69Fjc4OTQGAw8mAjufNjc2Nzg5MDU02AMID0YBoA8VIwAKRgEMkwIPJAUxBEwBHzc0CwgPTAGhDmAWD0wBCw-YBTIFTQEPnw8ID2AW____gx84vwYBCOUID3kFQSM0MlsWD8QJCAx1C6BzL3BsYXllci8yfh_7CThiZC93d3ctd2lkZ2V0YXBpLnZmbHNldBUADxEtExA4ZSoL8S0QOY0qBUYNDwEPPJ82MzA2MjU0MzYLCQgPAAFaDuoKCgABDAUCDzIGMwQGAQ9_BwhScnVsZXNgGBBjpgkBEAoBFQAbLVccD9YLFC43Nx4HLzkztxJJjzA2MTI2MDU0GAcIAdEAD-YAOgCPFwzSAgnmAA_SAUIUNewAD9gDCDF0LnShFzF0di9qLBI_ng0B-SYBOyPzAGVudj1qcy13ZWImdGFnX6IX8QY9Ni43LjBfOGFlNDU3MCZidXllcl9QCAD6C881OTk1JnJlZmVyZXJcHk4RJnkMMHNlc-8bAH4A4GUxNjFjNDkwLTEwNTUtvzH2Ay1iMDE4LTJlOThhNTAwNWRlN84RD_4uBB85AwsAEDlGGgaFBA_qG0WfNTEwMDI0NTYzjwQMBiwXBDwWMDFwLQ0BEC3GMg9EGQ0cNEQZMDE2MAEAA0QZDiMZDw0ZXgkIGTBndGFfK09uZmlnCRmoArkYA6EaYGlzX3Z0Y1cqAuIarzI5NTE2NjgyODmPGgT_AHJtdF90bGQ9MCZpcHI9ecQCDx40vRMQORQAD8QCT584MDYwMDMzOTd7BAgAUwcDxAIvbm_DAv_dHzHDAhYODRkoOTTQER9phwVF0DYyMjEyOTgyOTZ9XX0 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 16:22:37 GMT
expires: Thu, 20 Oct 2022 16:22:36 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1F1zQAAAIjrFQN-
34.249.106.217200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1F1zQAAAIjrFQN-
IP 34.249.106.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y1F1zQAAAIjrFQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.regions.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v044-077cfb62e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ymv4BtmVQXg=
Content-Length: 59
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0777e315d93e82189f73cc7d546105f7
aa61432c98ab753d29d497db7922d6f1368f63b9
79914861ae57bc1b9e6ce2c1ee30d54262153791da02d859a2119059977c8fc7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 04:31:54 GMT
Expires: Tue, 25 Oct 2022 04:31:53 GMT
Etag: "aa61432c98ab753d29d497db7922d6f1368f63b9"
Cache-Control: max-age=388755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317e51bb90b31-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0777e315d93e82189f73cc7d546105f7
aa61432c98ab753d29d497db7922d6f1368f63b9
79914861ae57bc1b9e6ce2c1ee30d54262153791da02d859a2119059977c8fc7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 04:31:54 GMT
Expires: Tue, 25 Oct 2022 04:31:53 GMT
Etag: "aa61432c98ab753d29d497db7922d6f1368f63b9"
Cache-Control: max-age=388755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317e51d09b503-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0de6c5228c70ac66a5e876181410c526
e86b1aae84569e1f57ebeb16f082ea1a5ce69b8a
6896d87b0506c52550b0364dbe33989d61d6a892f8f64b07a796bf71b5058045
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 16:22:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 23:37:41 GMT
Expires: Mon, 24 Oct 2022 23:37:40 GMT
Etag: "e86b1aae84569e1f57ebeb16f082ea1a5ce69b8a"
Cache-Control: max-age=371101,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d317eb8a700b31-OSL
siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&r=1666282967937
104.17.208.240200 OK 2.6 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&r=1666282967937
IP 104.17.208.240:0
File type ASCII text, with no line terminators
Hash c5030049ee4cad93df2a3f2de1d0e6e7
546468e9b597c7e8cbf96768fe902d16e857866c
bb4624b9bafb82aecbcef212395e30f91a7f01dd4d8d77892bf7c635e8a13f5e
POST /WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_d6XJAZtXw3FDrIp&Q_SIID=SI_9ZSfygjz9UlZlBP&Q_ASID=AS_41676732&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&r=1666282967937 HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 82
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: text/plain; charset=UTF-8
cf-ray: 75d317e28f6cb51d-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
trace-id: 60df84351d523444
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=1202&i=8veivj&p=regions-prod-b&s=9235&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPElaHR0cHM6Ly9zaXRlaW50ZXJjZXB0LnF1YWx0cmljcy5jb20vZHhqc21vZHVsZS9Db3JlTQsA9AwuanM_UV9DTElFTlRWRVJTSU9OPTEuNzkuMCYXAPMEVFlQRT13ZWImUV9CUkFORElEPfkAYCIsInR5cNEA0HNjcmlwdCIsInN0YXLrAMA2NjYyODI5Njc2NzbZAABCAQUUAKA3NTUsInNvdXJjPAAxbXV0xwASTxUBMnJDTEgAoXR1cyI6ImxvYWT8AEBhc29u-wDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpagDPODI2MDMyMjg3MH0sLQEGIm1lHgEDzwABJgFTYi9zcy8RAEBiYW5r3AHywC8xMC9KUy0yLjIyLjMvczUyNTMwODQ1OTQzMDQxP0FRQj0xJm5kaD0xJnBmPTEmY2FsbGJhY2s9c19jX2lsWzBdLmRvUG9zdGJhY2tzJmV0PTEmdD0yMCUyRjklMkYyMDIyJTIwMTYlM0EyMiUzQTQ3JTIwNCUyMDAmZC4mbnNpZD0wJmpzb252PTEmLmQmbWlkPTAzODA5MjE3Mzc3MzA3MzY3MTI0NDIwMjg0OTExNzE5OTMzNzAwJmFhbWxoPTYmY2U9VVRGLTgmbnM9crYC8D4mY2RwPTImcGFnZU5hbWU9cmRjJTdDbG9jYXRvciU3Q21vcnRnYWdlJTIwbG9hbiUyMG9mZmljZXIlMjBqZXJyaSUyMGNoYW1iZXJsaR8AwXNvdXRoYXZlbiZnPZAC0yUzQSUyRiUyRnd3dy5TAQBkATQlMkZnAIQyRm1sbyUyRm0AEC1rABMtaQARLWcAJS1jZQAWLWMA8w5jLiZhcGw9NC4wJmdldFByZXZpb3VzVmFsdWU9MxUAAAYD8AVudFBhZ2VWaWV3ZWQ9NS4wJm1hbhEAMWFycygA0y5jJmNjPVVTRCZjaD2WABEmnQMrcj23AIEmZXZlbnRzPQcAEDFbAfQ2Yj1qOE9kdjZMb25ONHIzYW43TGhEM1daclUxYlVwQWtGa2tpWTFuY0JSOTZ0MlBUSSZjMT1EJTNEdjEmdjE9cmRjJmgxEQAiYzIKAKIyJnYyPW1sbyZoEQBRY2gmYzMbAASrASsmdhAANGgzPUEBD64BICFjNF4ANGcmdgkAIWM2EgCydjYmdjY9ZW4mYzcQAMA3JnY3PWRlc2t0b3BpAPIEYXlvdXQlN0MxMjgweDkzOSZjOCkAQjgmYzkKAM85JnY5PSU3QyZ2MTAWAk8idjE0AfIFbWlkJnYxOD1hbm9ueW1vdXMmYzGRAAVEASJjMkUBgHYxMCZ2Njg92wNSLjIlN0PmA4AlN0M0LjQuMBEAsjAyMjA4MDEmYzc11QBRNjgmcz31APELMTAyNCZjPTI0Jmo9MS42JnY9TiZrPVkmYncgAEAmYmg9GAH_Im1jb3JnaWQ9REI5NjM5NzI1QkQyRkM1QjBBNDk1QzY1JTQwQWRvYmVPcmcmQVFFPTFaBRIvNjBaBQAXOFoFsGluc2VydEJlZm9ybAY_c3RhVAUqrzU3MDc1NjcwOTJUBf_____MHzdUBQwPrgpCBVoFHzlaBQgP2wsIdFdSU2l0ZUn5C_ICRW5naW5lL0Fzc2V0LnBocD_sC_IGPVNJXzlaU2Z5Z2p6OVVsWmxCUCZWBw3CPTMyJlFfT1JJR0lOpwc8Oi8vAAkEEQwPKAwMBrwGMnhocssLChMMPjc2NWUBABQABRMMslhIUl9NQU5BR0VSQQACuAZvYWxsb3dlDwwhrzcyMDIwODY4MTdhAf-s9QNDUl9kNlhKQVp0WHczRkRySXDCAkU5JlFfAgMvSUTtAgEP4gJYD_UOACc2NpsJD-ICPp80OTU0MTg5NjHxDgkPQwQvD4EBqh83gQGJB58R_w00LjNiOWI0YWRkZDA2NWY5OWMzOGJhLmNodW5rsRFOPjc2MZ4FJzk0OwGgYXBwZW5kQ2hpbIsFD1YMLZ83Nzc5OTAxNzS5AiQPOAF3DzsIAAk4AQw7CBhB3AYP6BIkBT4BHzbZBiMPPgF3Hzh2AgwMPgEPJxQyBT8BDxgIJAc_AUBGZWVk9hNCTGlua3AJD6sDUB8zNQEAHzmrA0avNjE5MjYwMDMzM20CLg8uAWIfNC4BYx80LgGjD5EDAQhcAg-RA0IFYwIfODUBLv8HMS5hYmQ0YzFkODgzYmY0YjIyNWI1OUYHVh0ybQIoODA_AQ9GBzufNjg2NzkzNTU5bQIvDzgBbA53Ago4AQ93AkMCPwEvNjCFCAgEwhiwZGVtZGV4Lm5ldC-FG5E1Lmh0bWw_ZF-pGa91bmRlZmluZWQjAxkKBiQPU2lmcmFtnhUKJw8uNjawBD84NTPeBUaPNDU2NzM1NjXfFQkPBAFfDlUJCgQBDA8CD1UJMQUKAR81hQQHDwoBXw8ZAwAJDgIMCgEPIQkyBQsBD2AKCTtqYzFsHjRXUlF8HgmaEoEvR3JhcGhpY5YS8AVJTT1JTV8zUmIxY1pWTlJvMXg5Qr8BA1QeMmltZyELChcDLjkzFwMBFAAFPhLyB0hUTUxJbWFnZV9TRVRBVFRSSUJVVEVMAA9JEi2fNjAyNzg3ODEyAwkkD6oTA8A_UV9JbXByZXNzPTF4Hz9JRD1pDwBPUV9TSdkQBaBBU0lEPUFTXzQxcx8BzhMP1R8TNXI9MZgfNjkzN5kED70TBC45M5IDARQABX8BD9sQPp81MjM1NDE3MDalCyQPdAGwDvwDKDkz6hsPdAFHD4gJCPEBbHB0YWcubGl2ZXBlcnNvbhMHQHRhZy8XADBqcz-NIiA9NnkVNjU5NVkCDywiBx4yLCJPODAxMfIGR8A0MjMxMTY3NjZ9XX0
34.242.179.188204 No Content 0 B URL HTTP/2 data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=5&c=1202&i=8veivj&p=regions-prod-b&s=9235&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPElaHR0cHM6Ly9zaXRlaW50ZXJjZXB0LnF1YWx0cmljcy5jb20vZHhqc21vZHVsZS9Db3JlTQsA9AwuanM_UV9DTElFTlRWRVJTSU9OPTEuNzkuMCYXAPMEVFlQRT13ZWImUV9CUkFORElEPfkAYCIsInR5cNEA0HNjcmlwdCIsInN0YXLrAMA2NjYyODI5Njc2NzbZAABCAQUUAKA3NTUsInNvdXJjPAAxbXV0xwASTxUBMnJDTEgAoXR1cyI6ImxvYWT8AEBhc29u-wDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpagDPODI2MDMyMjg3MH0sLQEGIm1lHgEDzwABJgFTYi9zcy8RAEBiYW5r3AHywC8xMC9KUy0yLjIyLjMvczUyNTMwODQ1OTQzMDQxP0FRQj0xJm5kaD0xJnBmPTEmY2FsbGJhY2s9c19jX2lsWzBdLmRvUG9zdGJhY2tzJmV0PTEmdD0yMCUyRjklMkYyMDIyJTIwMTYlM0EyMiUzQTQ3JTIwNCUyMDAmZC4mbnNpZD0wJmpzb252PTEmLmQmbWlkPTAzODA5MjE3Mzc3MzA3MzY3MTI0NDIwMjg0OTExNzE5OTMzNzAwJmFhbWxoPTYmY2U9VVRGLTgmbnM9crYC8D4mY2RwPTImcGFnZU5hbWU9cmRjJTdDbG9jYXRvciU3Q21vcnRnYWdlJTIwbG9hbiUyMG9mZmljZXIlMjBqZXJyaSUyMGNoYW1iZXJsaR8AwXNvdXRoYXZlbiZnPZAC0yUzQSUyRiUyRnd3dy5TAQBkATQlMkZnAIQyRm1sbyUyRm0AEC1rABMtaQARLWcAJS1jZQAWLWMA8w5jLiZhcGw9NC4wJmdldFByZXZpb3VzVmFsdWU9MxUAAAYD8AVudFBhZ2VWaWV3ZWQ9NS4wJm1hbhEAMWFycygA0y5jJmNjPVVTRCZjaD2WABEmnQMrcj23AIEmZXZlbnRzPQcAEDFbAfQ2Yj1qOE9kdjZMb25ONHIzYW43TGhEM1daclUxYlVwQWtGa2tpWTFuY0JSOTZ0MlBUSSZjMT1EJTNEdjEmdjE9cmRjJmgxEQAiYzIKAKIyJnYyPW1sbyZoEQBRY2gmYzMbAASrASsmdhAANGgzPUEBD64BICFjNF4ANGcmdgkAIWM2EgCydjYmdjY9ZW4mYzcQAMA3JnY3PWRlc2t0b3BpAPIEYXlvdXQlN0MxMjgweDkzOSZjOCkAQjgmYzkKAM85JnY5PSU3QyZ2MTAWAk8idjE0AfIFbWlkJnYxOD1hbm9ueW1vdXMmYzGRAAVEASJjMkUBgHYxMCZ2Njg92wNSLjIlN0PmA4AlN0M0LjQuMBEAsjAyMjA4MDEmYzc11QBRNjgmcz31APELMTAyNCZjPTI0Jmo9MS42JnY9TiZrPVkmYncgAEAmYmg9GAH_Im1jb3JnaWQ9REI5NjM5NzI1QkQyRkM1QjBBNDk1QzY1JTQwQWRvYmVPcmcmQVFFPTFaBRIvNjBaBQAXOFoFsGluc2VydEJlZm9ybAY_c3RhVAUqrzU3MDc1NjcwOTJUBf_____MHzdUBQwPrgpCBVoFHzlaBQgP2wsIdFdSU2l0ZUn5C_ICRW5naW5lL0Fzc2V0LnBocD_sC_IGPVNJXzlaU2Z5Z2p6OVVsWmxCUCZWBw3CPTMyJlFfT1JJR0lOpwc8Oi8vAAkEEQwPKAwMBrwGMnhocssLChMMPjc2NWUBABQABRMMslhIUl9NQU5BR0VSQQACuAZvYWxsb3dlDwwhrzcyMDIwODY4MTdhAf-s9QNDUl9kNlhKQVp0WHczRkRySXDCAkU5JlFfAgMvSUTtAgEP4gJYD_UOACc2NpsJD-ICPp80OTU0MTg5NjHxDgkPQwQvD4EBqh83gQGJB58R_w00LjNiOWI0YWRkZDA2NWY5OWMzOGJhLmNodW5rsRFOPjc2MZ4FJzk0OwGgYXBwZW5kQ2hpbIsFD1YMLZ83Nzc5OTAxNzS5AiQPOAF3DzsIAAk4AQw7CBhB3AYP6BIkBT4BHzbZBiMPPgF3Hzh2AgwMPgEPJxQyBT8BDxgIJAc_AUBGZWVk9hNCTGlua3AJD6sDUB8zNQEAHzmrA0avNjE5MjYwMDMzM20CLg8uAWIfNC4BYx80LgGjD5EDAQhcAg-RA0IFYwIfODUBLv8HMS5hYmQ0YzFkODgzYmY0YjIyNWI1OUYHVh0ybQIoODA_AQ9GBzufNjg2NzkzNTU5bQIvDzgBbA53Ago4AQ93AkMCPwEvNjCFCAgEwhiwZGVtZGV4Lm5ldC-FG5E1Lmh0bWw_ZF-pGa91bmRlZmluZWQjAxkKBiQPU2lmcmFtnhUKJw8uNjawBD84NTPeBUaPNDU2NzM1NjXfFQkPBAFfDlUJCgQBDA8CD1UJMQUKAR81hQQHDwoBXw8ZAwAJDgIMCgEPIQkyBQsBD2AKCTtqYzFsHjRXUlF8HgmaEoEvR3JhcGhpY5YS8AVJTT1JTV8zUmIxY1pWTlJvMXg5Qr8BA1QeMmltZyELChcDLjkzFwMBFAAFPhLyB0hUTUxJbWFnZV9TRVRBVFRSSUJVVEVMAA9JEi2fNjAyNzg3ODEyAwkkD6oTA8A_UV9JbXByZXNzPTF4Hz9JRD1pDwBPUV9TSdkQBaBBU0lEPUFTXzQxcx8BzhMP1R8TNXI9MZgfNjkzN5kED70TBC45M5IDARQABX8BD9sQPp81MjM1NDE3MDalCyQPdAGwDvwDKDkz6hsPdAFHD4gJCPEBbHB0YWcubGl2ZXBlcnNvbhMHQHRhZy8XADBqcz-NIiA9NnkVNjU5NVkCDywiBx4yLCJPODAxMfIGR8A0MjMxMTY3NjZ9XX0
IP 34.242.179.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /privacy/v1/b/r.rnc?n=5&c=1202&i=8veivj&p=regions-prod-b&s=9235&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNTcUAPAoY2xpZW50SWQiOjEyMDIsInB1Ymxpc2hQYXRoIjoicmVnaW9ucy1wcm9kLWIiLCJpbnN0YW5jZTEA8TQiOHZlaXZqIiwicGFja2V0IjoxLCJtb2RlIjoib2JzZXJ2ZSIsImNvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlJlXgDyECBQcm9kIEIiLCJyZXF1ZXN0cyI6W3siZGVzdGluYXTEAPElaHR0cHM6Ly9zaXRlaW50ZXJjZXB0LnF1YWx0cmljcy5jb20vZHhqc21vZHVsZS9Db3JlTQsA9AwuanM_UV9DTElFTlRWRVJTSU9OPTEuNzkuMCYXAPMEVFlQRT13ZWImUV9CUkFORElEPfkAYCIsInR5cNEA0HNjcmlwdCIsInN0YXLrAMA2NjYyODI5Njc2NzbZAABCAQUUAKA3NTUsInNvdXJjPAAxbXV0xwASTxUBMnJDTEgAoXR1cyI6ImxvYWT8AEBhc29u-wDUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpagDPODI2MDMyMjg3MH0sLQEGIm1lHgEDzwABJgFTYi9zcy8RAEBiYW5r3AHywC8xMC9KUy0yLjIyLjMvczUyNTMwODQ1OTQzMDQxP0FRQj0xJm5kaD0xJnBmPTEmY2FsbGJhY2s9c19jX2lsWzBdLmRvUG9zdGJhY2tzJmV0PTEmdD0yMCUyRjklMkYyMDIyJTIwMTYlM0EyMiUzQTQ3JTIwNCUyMDAmZC4mbnNpZD0wJmpzb252PTEmLmQmbWlkPTAzODA5MjE3Mzc3MzA3MzY3MTI0NDIwMjg0OTExNzE5OTMzNzAwJmFhbWxoPTYmY2U9VVRGLTgmbnM9crYC8D4mY2RwPTImcGFnZU5hbWU9cmRjJTdDbG9jYXRvciU3Q21vcnRnYWdlJTIwbG9hbiUyMG9mZmljZXIlMjBqZXJyaSUyMGNoYW1iZXJsaR8AwXNvdXRoYXZlbiZnPZAC0yUzQSUyRiUyRnd3dy5TAQBkATQlMkZnAIQyRm1sbyUyRm0AEC1rABMtaQARLWcAJS1jZQAWLWMA8w5jLiZhcGw9NC4wJmdldFByZXZpb3VzVmFsdWU9MxUAAAYD8AVudFBhZ2VWaWV3ZWQ9NS4wJm1hbhEAMWFycygA0y5jJmNjPVVTRCZjaD2WABEmnQMrcj23AIEmZXZlbnRzPQcAEDFbAfQ2Yj1qOE9kdjZMb25ONHIzYW43TGhEM1daclUxYlVwQWtGa2tpWTFuY0JSOTZ0MlBUSSZjMT1EJTNEdjEmdjE9cmRjJmgxEQAiYzIKAKIyJnYyPW1sbyZoEQBRY2gmYzMbAASrASsmdhAANGgzPUEBD64BICFjNF4ANGcmdgkAIWM2EgCydjYmdjY9ZW4mYzcQAMA3JnY3PWRlc2t0b3BpAPIEYXlvdXQlN0MxMjgweDkzOSZjOCkAQjgmYzkKAM85JnY5PSU3QyZ2MTAWAk8idjE0AfIFbWlkJnYxOD1hbm9ueW1vdXMmYzGRAAVEASJjMkUBgHYxMCZ2Njg92wNSLjIlN0PmA4AlN0M0LjQuMBEAsjAyMjA4MDEmYzc11QBRNjgmcz31APELMTAyNCZjPTI0Jmo9MS42JnY9TiZrPVkmYncgAEAmYmg9GAH_Im1jb3JnaWQ9REI5NjM5NzI1QkQyRkM1QjBBNDk1QzY1JTQwQWRvYmVPcmcmQVFFPTFaBRIvNjBaBQAXOFoFsGluc2VydEJlZm9ybAY_c3RhVAUqrzU3MDc1NjcwOTJUBf_____MHzdUBQwPrgpCBVoFHzlaBQgP2wsIdFdSU2l0ZUn5C_ICRW5naW5lL0Fzc2V0LnBocD_sC_IGPVNJXzlaU2Z5Z2p6OVVsWmxCUCZWBw3CPTMyJlFfT1JJR0lOpwc8Oi8vAAkEEQwPKAwMBrwGMnhocssLChMMPjc2NWUBABQABRMMslhIUl9NQU5BR0VSQQACuAZvYWxsb3dlDwwhrzcyMDIwODY4MTdhAf-s9QNDUl9kNlhKQVp0WHczRkRySXDCAkU5JlFfAgMvSUTtAgEP4gJYD_UOACc2NpsJD-ICPp80OTU0MTg5NjHxDgkPQwQvD4EBqh83gQGJB58R_w00LjNiOWI0YWRkZDA2NWY5OWMzOGJhLmNodW5rsRFOPjc2MZ4FJzk0OwGgYXBwZW5kQ2hpbIsFD1YMLZ83Nzc5OTAxNzS5AiQPOAF3DzsIAAk4AQw7CBhB3AYP6BIkBT4BHzbZBiMPPgF3Hzh2AgwMPgEPJxQyBT8BDxgIJAc_AUBGZWVk9hNCTGlua3AJD6sDUB8zNQEAHzmrA0avNjE5MjYwMDMzM20CLg8uAWIfNC4BYx80LgGjD5EDAQhcAg-RA0IFYwIfODUBLv8HMS5hYmQ0YzFkODgzYmY0YjIyNWI1OUYHVh0ybQIoODA_AQ9GBzufNjg2NzkzNTU5bQIvDzgBbA53Ago4AQ93AkMCPwEvNjCFCAgEwhiwZGVtZGV4Lm5ldC-FG5E1Lmh0bWw_ZF-pGa91bmRlZmluZWQjAxkKBiQPU2lmcmFtnhUKJw8uNjawBD84NTPeBUaPNDU2NzM1NjXfFQkPBAFfDlUJCgQBDA8CD1UJMQUKAR81hQQHDwoBXw8ZAwAJDgIMCgEPIQkyBQsBD2AKCTtqYzFsHjRXUlF8HgmaEoEvR3JhcGhpY5YS8AVJTT1JTV8zUmIxY1pWTlJvMXg5Qr8BA1QeMmltZyELChcDLjkzFwMBFAAFPhLyB0hUTUxJbWFnZV9TRVRBVFRSSUJVVEVMAA9JEi2fNjAyNzg3ODEyAwkkD6oTA8A_UV9JbXByZXNzPTF4Hz9JRD1pDwBPUV9TSdkQBaBBU0lEPUFTXzQxcx8BzhMP1R8TNXI9MZgfNjkzN5kED70TBC45M5IDARQABX8BD9sQPp81MjM1NDE3MDalCyQPdAGwDvwDKDkz6hsPdAFHD4gJCPEBbHB0YWcubGl2ZXBlcnNvbhMHQHRhZy8XADBqcz-NIiA9NnkVNjU5NVkCDywiBx4yLCJPODAxMfIGR8A0MjMxMTY3NjZ9XX0 HTTP/1.1
Host: data.privacy.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 20 Oct 2022 16:22:39 GMT
expires: Thu, 20 Oct 2022 16:22:38 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 14 kB URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
File type ASCII text, with very long lines (32006)
Hash 9e4c683787d49bbaa091deaf240aaf8b
0f82eb717dd78040777812ba5a7bd80328ff7f0c
391401db6985f076c374abe210de4a776c05ba8e7a5ea15a497e36f9d91043a3
GET /le_unified_window/10.22.0.0-release_5548/ui-framework.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:40 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 20 Oct 2023 16:22:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.101.99200 OK 377 kB URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.101.99:0
File type ASCII text, with very long lines (38372)
Size 377 kB (376632 bytes)
Hash 188105491939d869489d12791f68278f
d6d0b207e9f1737e7eea155ec03f714d8773ada0
212e5dec9f38ff40ce7787019033a40f198fe0171a38e63d691150d941440fc6
GET /api/account/60208595/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:6e6e5f65-b3f4-4fcb-8ee1-be11bf4d2426; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
ADRUM_BTa=R:24|g:6e6e5f65-b3f4-4fcb-8ee1-be11bf4d2426|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:5; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
vary: Accept
expires: Thu, 20 Oct 2022 16:23:37 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.78:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 20 Oct 2022 16:22:35 GMT
date: Thu, 20 Oct 2022 16:22:35 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=GC193Hgy6Cw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=AeO08HGriYo; Domain=.youtube.com; Expires=Tue, 18-Apr-2023 16:22:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+702; expires=Sat, 19-Oct-2024 16:22:35 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace
104.16.124.96200 OK 0 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace
IP 104.16.124.96:0
GET /cdn-cgi/trace HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 75d317e0483e0b31-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5109685624664376815&r=j_-A_EKjxv4b
54.92.133.28200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5109685624664376815&r=j_-A_EKjxv4b
IP 54.92.133.28:0
GET /sync?UIRF=5109685624664376815&r=j_-A_EKjxv4b HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20839218p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/javascript
cf-ray: 75d317dfdc7bb51d-OSL
access-control-allow-origin: *
age: 214908
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19b73-183c2d70130"
last-modified: Mon, 10 Oct 2022 17:00:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105331
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/4.3b9b4addd065f99c38ba.chunk.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/4.3b9b4addd065f99c38ba.chunk.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
GET /dxjsmodule/4.3b9b4addd065f99c38ba.chunk.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/javascript
cf-ray: 75d317e04ce8b51d-OSL
access-control-allow-origin: *
age: 214907
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"9eb-183c2d70130"
last-modified: Mon, 10 Oct 2022 17:00:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=2539
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions
IP 104.17.208.240:0
GET /dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web&Q_BRANDID=regions HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/javascript
cf-ray: 75d317e05cf2b51d-OSL
access-control-allow-origin: *
age: 213878
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"de0-183c2d70130"
last-modified: Mon, 10 Oct 2022 17:00:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=3552
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
regionsbank.mpeasylink.com/mpel/mpel.js
44.197.47.122200 OK 0 B URL HTTP/2 regionsbank.mpeasylink.com/mpel/mpel.js
IP 44.197.47.122:0
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: regionsbank.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
accept-ranges: bytes
etag: W/"5096-1664222686000"
last-modified: Mon, 26 Sep 2022 20:04:46 GMT
cache-control: max-age=86400
expires: Fri, 21 Oct 2022 16:22:37 GMT
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9ZSfygjz9UlZlBP&Version=32&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9ZSfygjz9UlZlBP&Version=32&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
GET /WRSiteInterceptEngine/Asset.php?Module=SI_9ZSfygjz9UlZlBP&Version=32&Q_ORIGIN=https://www.regions.com&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/json
cf-ray: 75d317e12dc8b51d-OSL
access-control-allow-origin: *
age: 12877
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
expires: Wed, 13 Oct 2032 14:29:13 GMT
last-modified: Sun, 16 Oct 2022 14:29:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: false
edge-control: max-age=604800
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
servershortname:
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.101.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.101.23:0
GET /lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: HIT
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.regionsmortgage.com/jerrichamberlin
205.255.102.40301 Moved permanently 0 B URL HTTP/1.1 www.regionsmortgage.com/jerrichamberlin
IP 205.255.102.40:0
GET /jerrichamberlin HTTP/1.1
Host: www.regionsmortgage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved permanently
Location: https://www.regionsmortgage.com/jerrichamberlin
Connection: close
Cache-Control: no-cache
Pragma: no-cache
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
34.120.237.76200 OK 0 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP 34.120.237.76:0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 13:19:23 GMT
age: 10991
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nexus.ensighten.com/regions/regions-prod-b/code/8e0992894ec3a637adf11e19307bb65b.js?conditionId0=365287
54.230.111.63200 OK 0 B URL HTTP/2 nexus.ensighten.com/regions/regions-prod-b/code/8e0992894ec3a637adf11e19307bb65b.js?conditionId0=365287
IP 54.230.111.63:0
GET /regions/regions-prod-b/code/8e0992894ec3a637adf11e19307bb65b.js?conditionId0=365287 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 11 Oct 2022 20:55:24 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Jul 2021 14:26:53 GMT
etag: W/"f0b3bc9acb1e7982799b5964c5fbe4fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: ADOXsF916QjJzYqPhv1Wfcx1oWZYS1ga
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ql7ACVGQiM1VHMhehoqBZZ7F2LyTVwOxuNRZHKrRnBX_u1Z82Vq6wQ==
age: 761232
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/499108531775714?v=2.9.87&r=stable
31.13.72.12200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/499108531775714?v=2.9.87&r=stable
IP 31.13.72.12:0
GET /signals/config/499108531775714?v=2.9.87&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: c4zI+jsqNEb/7yc+PZDZmF0y4BjPGVhJqJYDBI/VEDbxlvMxJtj0lgy+2ybuwtVJeFbb8fZKA6dXODs21SLwQw==
x-fb-trip-id: 1904183273
date: Thu, 20 Oct 2022 16:22:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
GET /le_unified_window/10.22.0.0-release_5548/UMSClientAPI.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:39 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 20 Oct 2023 16:22:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
GET /le_unified_window/10.22.0.0-release_5548/surveylogicinstance.min.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:41 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 20 Oct 2023 16:22:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:24|g:4a7a04ad-60c3-491a-9e80-5ae7d9af45fe; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
ADRUM_BTa=R:24|g:4a7a04ad-60c3-491a-9e80-5ae7d9af45fe|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/; Secure
ADRUM_BT1=R:24|i:2241585; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
ADRUM_BT1=R:24|i:2241585|e:6; Max-Age=30; Expires=Thu, 20-Oct-2022 16:23:07 GMT; Path=/
vary: Accept
expires: Thu, 20 Oct 2022 16:23:37 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548
IP 178.249.97.98:0
GET /le_unified_window/10.22.0.0-release_5548/resources/js/desktopEmbeddedStyle.js?version=10.22.0.0-release_5548 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:37 GMT
content-type: application/javascript
last-modified: Sat, 01 Oct 2022 02:35:46 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Fri, 20 Oct 2023 16:22:37 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_2tbnXZsYSY6ZeF7&Q_CLIENTVERSION=1.79.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 141
Origin: https://www.regions.com
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/json
cf-ray: 75d317df1b9cb51d-OSL
access-control-allow-origin: https://www.regions.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: b6c0387914bd7288
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:35 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "cbFpuah7ilcpMTJLYeCgng=="
expires: Thu, 27 Oct 2022 16:22:35 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
bttrack.com/engagement/js?goalId=44911&cb=1666282966725
192.132.33.46200 OK 0 B URL HTTP/2 bttrack.com/engagement/js?goalId=44911&cb=1666282966725
IP 192.132.33.46:0
GET /engagement/js?goalId=44911&cb=1666282966725 HTTP/1.1
Host: bttrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,no-cache
pragma: no-cache
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: -1
server: Microsoft-IIS/8.5
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
set-cookie: bt-es-44911=3fd4d2a0-595e-4ded-89c0-2a02b6a432a8; path=/
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
x-servername: Track003-iad
date: Thu, 20 Oct 2022 16:21:40 GMT
X-Firefox-Spdy: h2
zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&t=1666282967259
104.17.208.240200 OK 0 B URL HTTP/2 zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&t=1666282967259
IP 104.17.208.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_2tbnXZsYSY6ZeF7&Q_LOC=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&t=1666282967259 HTTP/1.1
Host: zn2tbnxzsysy6zef7-regions.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 75d317dd99c5b51d-OSL
access-control-allow-origin: *
age: 35104
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-cAvKu9uY8F3TXYelPE5YH/ERF3M"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&upid=3e7kzj5&upv=1.1.0
3.33.220.150200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&upid=3e7kzj5&upv=1.1.0
IP 3.33.220.150:0
GET /track/up?adv=u4lrxod&ref=https%3A%2F%2Fwww.regions.com%2Flocator%2Fmlo%2Fmortgage-loan-officer-jerri-chamberlin-southaven&upid=3e7kzj5&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.regions.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 20 Oct 2022 16:22:36 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2